projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'bcachefs-2024-10-05' of git://evilpiepirate.org/bcachefs
[linux-block.git] / security / apparmor / policy_unpack_test.c
CommitLineData
4d944bcd
MS		 1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * KUnit tests for AppArmor's policy unpack.
4 */
5
6#include <kunit/test.h>
b11e51dd 7#include <kunit/visibility.h>
4d944bcd
MS		 8
9#include "include/policy.h"
10#include "include/policy_unpack.h"
11
12#define TEST_STRING_NAME "TEST_STRING"
13#define TEST_STRING_DATA "testing"
14#define TEST_STRING_BUF_OFFSET \
15 (3 + strlen(TEST_STRING_NAME) + 1)
16
17#define TEST_U32_NAME "U32_TEST"
18#define TEST_U32_DATA ((u32)0x01020304)
19#define TEST_NAMED_U32_BUF_OFFSET \
20 (TEST_STRING_BUF_OFFSET + 3 + strlen(TEST_STRING_DATA) + 1)
21#define TEST_U32_BUF_OFFSET \
22 (TEST_NAMED_U32_BUF_OFFSET + 3 + strlen(TEST_U32_NAME) + 1)
23
24#define TEST_U16_OFFSET (TEST_U32_BUF_OFFSET + 3)
25#define TEST_U16_DATA ((u16)(TEST_U32_DATA >> 16))
26
27#define TEST_U64_NAME "U64_TEST"
28#define TEST_U64_DATA ((u64)0x0102030405060708)
29#define TEST_NAMED_U64_BUF_OFFSET (TEST_U32_BUF_OFFSET + sizeof(u32) + 1)
30#define TEST_U64_BUF_OFFSET \
31 (TEST_NAMED_U64_BUF_OFFSET + 3 + strlen(TEST_U64_NAME) + 1)
32
33#define TEST_BLOB_NAME "BLOB_TEST"
34#define TEST_BLOB_DATA "\xde\xad\x00\xbe\xef"
35#define TEST_BLOB_DATA_SIZE (ARRAY_SIZE(TEST_BLOB_DATA))
36#define TEST_NAMED_BLOB_BUF_OFFSET (TEST_U64_BUF_OFFSET + sizeof(u64) + 1)
37#define TEST_BLOB_BUF_OFFSET \
38 (TEST_NAMED_BLOB_BUF_OFFSET + 3 + strlen(TEST_BLOB_NAME) + 1)
39
40#define TEST_ARRAY_NAME "ARRAY_TEST"
41#define TEST_ARRAY_SIZE 16
42#define TEST_NAMED_ARRAY_BUF_OFFSET \
43 (TEST_BLOB_BUF_OFFSET + 5 + TEST_BLOB_DATA_SIZE)
44#define TEST_ARRAY_BUF_OFFSET \
45 (TEST_NAMED_ARRAY_BUF_OFFSET + 3 + strlen(TEST_ARRAY_NAME) + 1)
46
b11e51dd
RM		 47MODULE_IMPORT_NS(EXPORTED_FOR_KUNIT_TESTING);
48
4d944bcd
MS		 49struct policy_unpack_fixture {
50 struct aa_ext *e;
51 size_t e_size;
52};
53
ba77f390
MS		 54static struct aa_ext *build_aa_ext_struct(struct policy_unpack_fixture *puf,
55 struct kunit *test, size_t buf_size)
4d944bcd
MS		 56{
57 char *buf;
58 struct aa_ext *e;
59
60 buf = kunit_kzalloc(test, buf_size, GFP_USER);
61 KUNIT_EXPECT_NOT_ERR_OR_NULL(test, buf);
62
63 e = kunit_kmalloc(test, sizeof(*e), GFP_USER);
64 KUNIT_EXPECT_NOT_ERR_OR_NULL(test, e);
65
66 e->start = buf;
67 e->end = e->start + buf_size;
68 e->pos = e->start;
69
70 *buf = AA_NAME;
71 *(buf + 1) = strlen(TEST_STRING_NAME) + 1;
b54aebd4 72 strscpy(buf + 3, TEST_STRING_NAME, e->end - (void *)(buf + 3));
4d944bcd
MS		 73
74 buf = e->start + TEST_STRING_BUF_OFFSET;
75 *buf = AA_STRING;
76 *(buf + 1) = strlen(TEST_STRING_DATA) + 1;
b54aebd4 77 strscpy(buf + 3, TEST_STRING_DATA, e->end - (void *)(buf + 3));
4d944bcd
MS		 78 buf = e->start + TEST_NAMED_U32_BUF_OFFSET;
79 *buf = AA_NAME;
80 *(buf + 1) = strlen(TEST_U32_NAME) + 1;
b54aebd4 81 strscpy(buf + 3, TEST_U32_NAME, e->end - (void *)(buf + 3));
4d944bcd 82 *(buf + 3 + strlen(TEST_U32_NAME) + 1) = AA_U32;
98c0cc48 83 *((__le32 *)(buf + 3 + strlen(TEST_U32_NAME) + 2)) = cpu_to_le32(TEST_U32_DATA);
4d944bcd
MS		 84
85 buf = e->start + TEST_NAMED_U64_BUF_OFFSET;
86 *buf = AA_NAME;
87 *(buf + 1) = strlen(TEST_U64_NAME) + 1;
b54aebd4 88 strscpy(buf + 3, TEST_U64_NAME, e->end - (void *)(buf + 3));
4d944bcd 89 *(buf + 3 + strlen(TEST_U64_NAME) + 1) = AA_U64;
98c0cc48 90 *((__le64 *)(buf + 3 + strlen(TEST_U64_NAME) + 2)) = cpu_to_le64(TEST_U64_DATA);
4d944bcd
MS		 91
92 buf = e->start + TEST_NAMED_BLOB_BUF_OFFSET;
93 *buf = AA_NAME;
94 *(buf + 1) = strlen(TEST_BLOB_NAME) + 1;
b54aebd4 95 strscpy(buf + 3, TEST_BLOB_NAME, e->end - (void *)(buf + 3));
4d944bcd
MS		 96 *(buf + 3 + strlen(TEST_BLOB_NAME) + 1) = AA_BLOB;
97 *(buf + 3 + strlen(TEST_BLOB_NAME) + 2) = TEST_BLOB_DATA_SIZE;
98 memcpy(buf + 3 + strlen(TEST_BLOB_NAME) + 6,
99 TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE);
100
101 buf = e->start + TEST_NAMED_ARRAY_BUF_OFFSET;
102 *buf = AA_NAME;
103 *(buf + 1) = strlen(TEST_ARRAY_NAME) + 1;
b54aebd4 104 strscpy(buf + 3, TEST_ARRAY_NAME, e->end - (void *)(buf + 3));
4d944bcd 105 *(buf + 3 + strlen(TEST_ARRAY_NAME) + 1) = AA_ARRAY;
98c0cc48 106 *((__le16 *)(buf + 3 + strlen(TEST_ARRAY_NAME) + 2)) = cpu_to_le16(TEST_ARRAY_SIZE);
4d944bcd
MS		 107
108 return e;
109}
110
111static int policy_unpack_test_init(struct kunit *test)
112{
113 size_t e_size = TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1;
114 struct policy_unpack_fixture *puf;
115
116 puf = kunit_kmalloc(test, sizeof(*puf), GFP_USER);
117 KUNIT_EXPECT_NOT_ERR_OR_NULL(test, puf);
118
119 puf->e_size = e_size;
120 puf->e = build_aa_ext_struct(puf, test, e_size);
121
122 test->priv = puf;
123 return 0;
124}
125
126static void policy_unpack_test_inbounds_when_inbounds(struct kunit *test)
127{
128 struct policy_unpack_fixture *puf = test->priv;
129
b11e51dd
RM		 130 KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, 0));
131 KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size / 2));
132 KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size));
4d944bcd
MS		 133}
134
135static void policy_unpack_test_inbounds_when_out_of_bounds(struct kunit *test)
136{
137 struct policy_unpack_fixture *puf = test->priv;
138
b11e51dd 139 KUNIT_EXPECT_FALSE(test, aa_inbounds(puf->e, puf->e_size + 1));
4d944bcd
MS		 140}
141
142static void policy_unpack_test_unpack_array_with_null_name(struct kunit *test)
143{
144 struct policy_unpack_fixture *puf = test->priv;
4295c60b 145 u16 array_size = 0;
4d944bcd
MS		 146
147 puf->e->pos += TEST_ARRAY_BUF_OFFSET;
148
93761c93 149 KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, NULL, &array_size));
4d944bcd
MS		 150 KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);
151 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
152 puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1);
153}
154
155static void policy_unpack_test_unpack_array_with_name(struct kunit *test)
156{
157 struct policy_unpack_fixture *puf = test->priv;
158 const char name[] = TEST_ARRAY_NAME;
4295c60b 159 u16 array_size = 0;
4d944bcd
MS		 160
161 puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;
162
93761c93 163 KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, name, &array_size));
4d944bcd
MS		 164 KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);
165 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
166 puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1);
167}
168
169static void policy_unpack_test_unpack_array_out_of_bounds(struct kunit *test)
170{
171 struct policy_unpack_fixture *puf = test->priv;
172 const char name[] = TEST_ARRAY_NAME;
173 u16 array_size;
174
175 puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;
176 puf->e->end = puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16);
177
93761c93 178 KUNIT_EXPECT_FALSE(test, aa_unpack_array(puf->e, name, &array_size));
4d944bcd
MS		 179 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
180 puf->e->start + TEST_NAMED_ARRAY_BUF_OFFSET);
181}
182
183static void policy_unpack_test_unpack_blob_with_null_name(struct kunit *test)
184{
185 struct policy_unpack_fixture *puf = test->priv;
186 char *blob = NULL;
187 size_t size;
188
189 puf->e->pos += TEST_BLOB_BUF_OFFSET;
b11e51dd 190 size = aa_unpack_blob(puf->e, &blob, NULL);
4d944bcd
MS		 191
192 KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);
193 KUNIT_EXPECT_TRUE(test,
194 memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0);
195}
196
197static void policy_unpack_test_unpack_blob_with_name(struct kunit *test)
198{
199 struct policy_unpack_fixture *puf = test->priv;
200 char *blob = NULL;
201 size_t size;
202
203 puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;
b11e51dd 204 size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME);
4d944bcd
MS		 205
206 KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);
207 KUNIT_EXPECT_TRUE(test,
208 memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0);
209}
210
211static void policy_unpack_test_unpack_blob_out_of_bounds(struct kunit *test)
212{
213 struct policy_unpack_fixture *puf = test->priv;
214 char *blob = NULL;
215 void *start;
216 int size;
217
218 puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;
219 start = puf->e->pos;
220 puf->e->end = puf->e->start + TEST_BLOB_BUF_OFFSET
221 + TEST_BLOB_DATA_SIZE - 1;
222
b11e51dd 223 size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME);
4d944bcd
MS		 224
225 KUNIT_EXPECT_EQ(test, size, 0);
226 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
227}
228
229static void policy_unpack_test_unpack_str_with_null_name(struct kunit *test)
230{
231 struct policy_unpack_fixture *puf = test->priv;
232 const char *string = NULL;
233 size_t size;
234
235 puf->e->pos += TEST_STRING_BUF_OFFSET;
b11e51dd 236 size = aa_unpack_str(puf->e, &string, NULL);
4d944bcd
MS		 237
238 KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);
239 KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
240}
241
242static void policy_unpack_test_unpack_str_with_name(struct kunit *test)
243{
244 struct policy_unpack_fixture *puf = test->priv;
245 const char *string = NULL;
246 size_t size;
247
b11e51dd 248 size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME);
4d944bcd
MS		 249
250 KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);
251 KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
252}
253
254static void policy_unpack_test_unpack_str_out_of_bounds(struct kunit *test)
255{
256 struct policy_unpack_fixture *puf = test->priv;
257 const char *string = NULL;
258 void *start = puf->e->pos;
259 int size;
260
261 puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET
262 + strlen(TEST_STRING_DATA) - 1;
263
b11e51dd 264 size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME);
4d944bcd
MS		 265
266 KUNIT_EXPECT_EQ(test, size, 0);
267 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
268}
269
270static void policy_unpack_test_unpack_strdup_with_null_name(struct kunit *test)
271{
272 struct policy_unpack_fixture *puf = test->priv;
273 char *string = NULL;
274 size_t size;
275
276 puf->e->pos += TEST_STRING_BUF_OFFSET;
b11e51dd 277 size = aa_unpack_strdup(puf->e, &string, NULL);
4d944bcd
MS		 278
279 KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);
280 KUNIT_EXPECT_FALSE(test,
281 ((uintptr_t)puf->e->start <= (uintptr_t)string)
282 && ((uintptr_t)string <= (uintptr_t)puf->e->end));
283 KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
284}
285
286static void policy_unpack_test_unpack_strdup_with_name(struct kunit *test)
287{
288 struct policy_unpack_fixture *puf = test->priv;
289 char *string = NULL;
290 size_t size;
291
b11e51dd 292 size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME);
4d944bcd
MS		 293
294 KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);
295 KUNIT_EXPECT_FALSE(test,
296 ((uintptr_t)puf->e->start <= (uintptr_t)string)
297 && ((uintptr_t)string <= (uintptr_t)puf->e->end));
298 KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
299}
300
301static void policy_unpack_test_unpack_strdup_out_of_bounds(struct kunit *test)
302{
303 struct policy_unpack_fixture *puf = test->priv;
304 void *start = puf->e->pos;
305 char *string = NULL;
306 int size;
307
308 puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET
309 + strlen(TEST_STRING_DATA) - 1;
310
b11e51dd 311 size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME);
4d944bcd
MS		 312
313 KUNIT_EXPECT_EQ(test, size, 0);
5f91bd9f 314 KUNIT_EXPECT_NULL(test, string);
4d944bcd
MS		 315 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
316}
317
318static void policy_unpack_test_unpack_nameX_with_null_name(struct kunit *test)
319{
320 struct policy_unpack_fixture *puf = test->priv;
321 bool success;
322
323 puf->e->pos += TEST_U32_BUF_OFFSET;
324
b11e51dd 325 success = aa_unpack_nameX(puf->e, AA_U32, NULL);
4d944bcd
MS		 326
327 KUNIT_EXPECT_TRUE(test, success);
328 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
329 puf->e->start + TEST_U32_BUF_OFFSET + 1);
330}
331
332static void policy_unpack_test_unpack_nameX_with_wrong_code(struct kunit *test)
333{
334 struct policy_unpack_fixture *puf = test->priv;
335 bool success;
336
337 puf->e->pos += TEST_U32_BUF_OFFSET;
338
b11e51dd 339 success = aa_unpack_nameX(puf->e, AA_BLOB, NULL);
4d944bcd
MS		 340
341 KUNIT_EXPECT_FALSE(test, success);
342 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
343 puf->e->start + TEST_U32_BUF_OFFSET);
344}
345
346static void policy_unpack_test_unpack_nameX_with_name(struct kunit *test)
347{
348 struct policy_unpack_fixture *puf = test->priv;
349 const char name[] = TEST_U32_NAME;
350 bool success;
351
352 puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
353
b11e51dd 354 success = aa_unpack_nameX(puf->e, AA_U32, name);
4d944bcd
MS		 355
356 KUNIT_EXPECT_TRUE(test, success);
357 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
358 puf->e->start + TEST_U32_BUF_OFFSET + 1);
359}
360
361static void policy_unpack_test_unpack_nameX_with_wrong_name(struct kunit *test)
362{
363 struct policy_unpack_fixture *puf = test->priv;
364 static const char name[] = "12345678";
365 bool success;
366
367 puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
368
b11e51dd 369 success = aa_unpack_nameX(puf->e, AA_U32, name);
4d944bcd
MS		 370
371 KUNIT_EXPECT_FALSE(test, success);
372 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
373 puf->e->start + TEST_NAMED_U32_BUF_OFFSET);
374}
375
376static void policy_unpack_test_unpack_u16_chunk_basic(struct kunit *test)
377{
378 struct policy_unpack_fixture *puf = test->priv;
379 char *chunk = NULL;
380 size_t size;
381
382 puf->e->pos += TEST_U16_OFFSET;
383 /*
384 * WARNING: For unit testing purposes, we're pushing puf->e->end past
385 * the end of the allocated memory. Doing anything other than comparing
386 * memory addresses is dangerous.
387 */
388 puf->e->end += TEST_U16_DATA;
389
b11e51dd 390 size = aa_unpack_u16_chunk(puf->e, &chunk);
4d944bcd 391
e2f76ad7 392 KUNIT_EXPECT_PTR_EQ(test, chunk,
4d944bcd 393 puf->e->start + TEST_U16_OFFSET + 2);
e2f76ad7
DG		 394 KUNIT_EXPECT_EQ(test, size, TEST_U16_DATA);
395 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, (chunk + TEST_U16_DATA));
4d944bcd
MS		 396}
397
398static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_1(
399 struct kunit *test)
400{
401 struct policy_unpack_fixture *puf = test->priv;
402 char *chunk = NULL;
403 size_t size;
404
405 puf->e->pos = puf->e->end - 1;
406
b11e51dd 407 size = aa_unpack_u16_chunk(puf->e, &chunk);
4d944bcd 408
e2f76ad7 409 KUNIT_EXPECT_EQ(test, size, 0);
5f91bd9f 410 KUNIT_EXPECT_NULL(test, chunk);
4d944bcd
MS		 411 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->end - 1);
412}
413
414static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_2(
415 struct kunit *test)
416{
417 struct policy_unpack_fixture *puf = test->priv;
418 char *chunk = NULL;
419 size_t size;
420
421 puf->e->pos += TEST_U16_OFFSET;
422 /*
423 * WARNING: For unit testing purposes, we're pushing puf->e->end past
424 * the end of the allocated memory. Doing anything other than comparing
425 * memory addresses is dangerous.
426 */
427 puf->e->end = puf->e->pos + TEST_U16_DATA - 1;
428
b11e51dd 429 size = aa_unpack_u16_chunk(puf->e, &chunk);
4d944bcd 430
e2f76ad7 431 KUNIT_EXPECT_EQ(test, size, 0);
5f91bd9f 432 KUNIT_EXPECT_NULL(test, chunk);
4d944bcd
MS		 433 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->start + TEST_U16_OFFSET);
434}
435
436static void policy_unpack_test_unpack_u32_with_null_name(struct kunit *test)
437{
438 struct policy_unpack_fixture *puf = test->priv;
439 bool success;
ba77f390 440 u32 data = 0;
4d944bcd
MS		 441
442 puf->e->pos += TEST_U32_BUF_OFFSET;
443
b11e51dd 444 success = aa_unpack_u32(puf->e, &data, NULL);
4d944bcd
MS		 445
446 KUNIT_EXPECT_TRUE(test, success);
447 KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);
448 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
449 puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1);
450}
451
452static void policy_unpack_test_unpack_u32_with_name(struct kunit *test)
453{
454 struct policy_unpack_fixture *puf = test->priv;
455 const char name[] = TEST_U32_NAME;
456 bool success;
ba77f390 457 u32 data = 0;
4d944bcd
MS		 458
459 puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
460
b11e51dd 461 success = aa_unpack_u32(puf->e, &data, name);
4d944bcd
MS		 462
463 KUNIT_EXPECT_TRUE(test, success);
464 KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);
465 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
466 puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1);
467}
468
469static void policy_unpack_test_unpack_u32_out_of_bounds(struct kunit *test)
470{
471 struct policy_unpack_fixture *puf = test->priv;
472 const char name[] = TEST_U32_NAME;
473 bool success;
ba77f390 474 u32 data = 0;
4d944bcd
MS		 475
476 puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
477 puf->e->end = puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32);
478
b11e51dd 479 success = aa_unpack_u32(puf->e, &data, name);
4d944bcd
MS		 480
481 KUNIT_EXPECT_FALSE(test, success);
482 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
483 puf->e->start + TEST_NAMED_U32_BUF_OFFSET);
484}
485
486static void policy_unpack_test_unpack_u64_with_null_name(struct kunit *test)
487{
488 struct policy_unpack_fixture *puf = test->priv;
489 bool success;
ba77f390 490 u64 data = 0;
4d944bcd
MS		 491
492 puf->e->pos += TEST_U64_BUF_OFFSET;
493
b11e51dd 494 success = aa_unpack_u64(puf->e, &data, NULL);
4d944bcd
MS		 495
496 KUNIT_EXPECT_TRUE(test, success);
497 KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);
498 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
499 puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1);
500}
501
502static void policy_unpack_test_unpack_u64_with_name(struct kunit *test)
503{
504 struct policy_unpack_fixture *puf = test->priv;
505 const char name[] = TEST_U64_NAME;
506 bool success;
ba77f390 507 u64 data = 0;
4d944bcd
MS		 508
509 puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;
510
b11e51dd 511 success = aa_unpack_u64(puf->e, &data, name);
4d944bcd
MS		 512
513 KUNIT_EXPECT_TRUE(test, success);
514 KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);
515 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
516 puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1);
517}
518
519static void policy_unpack_test_unpack_u64_out_of_bounds(struct kunit *test)
520{
521 struct policy_unpack_fixture *puf = test->priv;
522 const char name[] = TEST_U64_NAME;
523 bool success;
ba77f390 524 u64 data = 0;
4d944bcd
MS		 525
526 puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;
527 puf->e->end = puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64);
528
b11e51dd 529 success = aa_unpack_u64(puf->e, &data, name);
4d944bcd
MS		 530
531 KUNIT_EXPECT_FALSE(test, success);
532 KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
533 puf->e->start + TEST_NAMED_U64_BUF_OFFSET);
534}
535
536static void policy_unpack_test_unpack_X_code_match(struct kunit *test)
537{
538 struct policy_unpack_fixture *puf = test->priv;
b11e51dd 539 bool success = aa_unpack_X(puf->e, AA_NAME);
4d944bcd
MS		 540
541 KUNIT_EXPECT_TRUE(test, success);
542 KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start + 1);
543}
544
545static void policy_unpack_test_unpack_X_code_mismatch(struct kunit *test)
546{
547 struct policy_unpack_fixture *puf = test->priv;
b11e51dd 548 bool success = aa_unpack_X(puf->e, AA_STRING);
4d944bcd
MS		 549
550 KUNIT_EXPECT_FALSE(test, success);
551 KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start);
552}
553
554static void policy_unpack_test_unpack_X_out_of_bounds(struct kunit *test)
555{
556 struct policy_unpack_fixture *puf = test->priv;
557 bool success;
558
559 puf->e->pos = puf->e->end;
b11e51dd 560 success = aa_unpack_X(puf->e, AA_NAME);
4d944bcd
MS		 561
562 KUNIT_EXPECT_FALSE(test, success);
563}
564
565static struct kunit_case apparmor_policy_unpack_test_cases[] = {
566 KUNIT_CASE(policy_unpack_test_inbounds_when_inbounds),
567 KUNIT_CASE(policy_unpack_test_inbounds_when_out_of_bounds),
568 KUNIT_CASE(policy_unpack_test_unpack_array_with_null_name),
569 KUNIT_CASE(policy_unpack_test_unpack_array_with_name),
570 KUNIT_CASE(policy_unpack_test_unpack_array_out_of_bounds),
571 KUNIT_CASE(policy_unpack_test_unpack_blob_with_null_name),
572 KUNIT_CASE(policy_unpack_test_unpack_blob_with_name),
573 KUNIT_CASE(policy_unpack_test_unpack_blob_out_of_bounds),
574 KUNIT_CASE(policy_unpack_test_unpack_nameX_with_null_name),
575 KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_code),
576 KUNIT_CASE(policy_unpack_test_unpack_nameX_with_name),
577 KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_name),
578 KUNIT_CASE(policy_unpack_test_unpack_str_with_null_name),
579 KUNIT_CASE(policy_unpack_test_unpack_str_with_name),
580 KUNIT_CASE(policy_unpack_test_unpack_str_out_of_bounds),
581 KUNIT_CASE(policy_unpack_test_unpack_strdup_with_null_name),
582 KUNIT_CASE(policy_unpack_test_unpack_strdup_with_name),
583 KUNIT_CASE(policy_unpack_test_unpack_strdup_out_of_bounds),
584 KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_basic),
585 KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_1),
586 KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_2),
587 KUNIT_CASE(policy_unpack_test_unpack_u32_with_null_name),
588 KUNIT_CASE(policy_unpack_test_unpack_u32_with_name),
589 KUNIT_CASE(policy_unpack_test_unpack_u32_out_of_bounds),
590 KUNIT_CASE(policy_unpack_test_unpack_u64_with_null_name),
591 KUNIT_CASE(policy_unpack_test_unpack_u64_with_name),
592 KUNIT_CASE(policy_unpack_test_unpack_u64_out_of_bounds),
593 KUNIT_CASE(policy_unpack_test_unpack_X_code_match),
594 KUNIT_CASE(policy_unpack_test_unpack_X_code_mismatch),
595 KUNIT_CASE(policy_unpack_test_unpack_X_out_of_bounds),
596 {},
597};
598
599static struct kunit_suite apparmor_policy_unpack_test_module = {
600 .name = "apparmor_policy_unpack",
601 .init = policy_unpack_test_init,
602 .test_cases = apparmor_policy_unpack_test_cases,
603};
604
605kunit_test_suite(apparmor_policy_unpack_test_module);
b11e51dd 606
4b954a02 607MODULE_DESCRIPTION("KUnit tests for AppArmor's policy unpack");
b11e51dd 608MODULE_LICENSE("GPL");
Linux 6.x block layer and io_uring tree(s)