Commit | Line | Data |
---|---|---|
4d944bcd MS |
1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* | |
3 | * KUnit tests for AppArmor's policy unpack. | |
4 | */ | |
5 | ||
6 | #include <kunit/test.h> | |
b11e51dd | 7 | #include <kunit/visibility.h> |
4d944bcd MS |
8 | |
9 | #include "include/policy.h" | |
10 | #include "include/policy_unpack.h" | |
11 | ||
12 | #define TEST_STRING_NAME "TEST_STRING" | |
13 | #define TEST_STRING_DATA "testing" | |
14 | #define TEST_STRING_BUF_OFFSET \ | |
15 | (3 + strlen(TEST_STRING_NAME) + 1) | |
16 | ||
17 | #define TEST_U32_NAME "U32_TEST" | |
18 | #define TEST_U32_DATA ((u32)0x01020304) | |
19 | #define TEST_NAMED_U32_BUF_OFFSET \ | |
20 | (TEST_STRING_BUF_OFFSET + 3 + strlen(TEST_STRING_DATA) + 1) | |
21 | #define TEST_U32_BUF_OFFSET \ | |
22 | (TEST_NAMED_U32_BUF_OFFSET + 3 + strlen(TEST_U32_NAME) + 1) | |
23 | ||
24 | #define TEST_U16_OFFSET (TEST_U32_BUF_OFFSET + 3) | |
25 | #define TEST_U16_DATA ((u16)(TEST_U32_DATA >> 16)) | |
26 | ||
27 | #define TEST_U64_NAME "U64_TEST" | |
28 | #define TEST_U64_DATA ((u64)0x0102030405060708) | |
29 | #define TEST_NAMED_U64_BUF_OFFSET (TEST_U32_BUF_OFFSET + sizeof(u32) + 1) | |
30 | #define TEST_U64_BUF_OFFSET \ | |
31 | (TEST_NAMED_U64_BUF_OFFSET + 3 + strlen(TEST_U64_NAME) + 1) | |
32 | ||
33 | #define TEST_BLOB_NAME "BLOB_TEST" | |
34 | #define TEST_BLOB_DATA "\xde\xad\x00\xbe\xef" | |
35 | #define TEST_BLOB_DATA_SIZE (ARRAY_SIZE(TEST_BLOB_DATA)) | |
36 | #define TEST_NAMED_BLOB_BUF_OFFSET (TEST_U64_BUF_OFFSET + sizeof(u64) + 1) | |
37 | #define TEST_BLOB_BUF_OFFSET \ | |
38 | (TEST_NAMED_BLOB_BUF_OFFSET + 3 + strlen(TEST_BLOB_NAME) + 1) | |
39 | ||
40 | #define TEST_ARRAY_NAME "ARRAY_TEST" | |
41 | #define TEST_ARRAY_SIZE 16 | |
42 | #define TEST_NAMED_ARRAY_BUF_OFFSET \ | |
43 | (TEST_BLOB_BUF_OFFSET + 5 + TEST_BLOB_DATA_SIZE) | |
44 | #define TEST_ARRAY_BUF_OFFSET \ | |
45 | (TEST_NAMED_ARRAY_BUF_OFFSET + 3 + strlen(TEST_ARRAY_NAME) + 1) | |
46 | ||
b11e51dd RM |
47 | MODULE_IMPORT_NS(EXPORTED_FOR_KUNIT_TESTING); |
48 | ||
4d944bcd MS |
49 | struct policy_unpack_fixture { |
50 | struct aa_ext *e; | |
51 | size_t e_size; | |
52 | }; | |
53 | ||
ba77f390 MS |
54 | static struct aa_ext *build_aa_ext_struct(struct policy_unpack_fixture *puf, |
55 | struct kunit *test, size_t buf_size) | |
4d944bcd MS |
56 | { |
57 | char *buf; | |
58 | struct aa_ext *e; | |
59 | ||
60 | buf = kunit_kzalloc(test, buf_size, GFP_USER); | |
61 | KUNIT_EXPECT_NOT_ERR_OR_NULL(test, buf); | |
62 | ||
63 | e = kunit_kmalloc(test, sizeof(*e), GFP_USER); | |
64 | KUNIT_EXPECT_NOT_ERR_OR_NULL(test, e); | |
65 | ||
66 | e->start = buf; | |
67 | e->end = e->start + buf_size; | |
68 | e->pos = e->start; | |
69 | ||
70 | *buf = AA_NAME; | |
71 | *(buf + 1) = strlen(TEST_STRING_NAME) + 1; | |
b54aebd4 | 72 | strscpy(buf + 3, TEST_STRING_NAME, e->end - (void *)(buf + 3)); |
4d944bcd MS |
73 | |
74 | buf = e->start + TEST_STRING_BUF_OFFSET; | |
75 | *buf = AA_STRING; | |
76 | *(buf + 1) = strlen(TEST_STRING_DATA) + 1; | |
b54aebd4 | 77 | strscpy(buf + 3, TEST_STRING_DATA, e->end - (void *)(buf + 3)); |
4d944bcd MS |
78 | buf = e->start + TEST_NAMED_U32_BUF_OFFSET; |
79 | *buf = AA_NAME; | |
80 | *(buf + 1) = strlen(TEST_U32_NAME) + 1; | |
b54aebd4 | 81 | strscpy(buf + 3, TEST_U32_NAME, e->end - (void *)(buf + 3)); |
4d944bcd | 82 | *(buf + 3 + strlen(TEST_U32_NAME) + 1) = AA_U32; |
98c0cc48 | 83 | *((__le32 *)(buf + 3 + strlen(TEST_U32_NAME) + 2)) = cpu_to_le32(TEST_U32_DATA); |
4d944bcd MS |
84 | |
85 | buf = e->start + TEST_NAMED_U64_BUF_OFFSET; | |
86 | *buf = AA_NAME; | |
87 | *(buf + 1) = strlen(TEST_U64_NAME) + 1; | |
b54aebd4 | 88 | strscpy(buf + 3, TEST_U64_NAME, e->end - (void *)(buf + 3)); |
4d944bcd | 89 | *(buf + 3 + strlen(TEST_U64_NAME) + 1) = AA_U64; |
98c0cc48 | 90 | *((__le64 *)(buf + 3 + strlen(TEST_U64_NAME) + 2)) = cpu_to_le64(TEST_U64_DATA); |
4d944bcd MS |
91 | |
92 | buf = e->start + TEST_NAMED_BLOB_BUF_OFFSET; | |
93 | *buf = AA_NAME; | |
94 | *(buf + 1) = strlen(TEST_BLOB_NAME) + 1; | |
b54aebd4 | 95 | strscpy(buf + 3, TEST_BLOB_NAME, e->end - (void *)(buf + 3)); |
4d944bcd MS |
96 | *(buf + 3 + strlen(TEST_BLOB_NAME) + 1) = AA_BLOB; |
97 | *(buf + 3 + strlen(TEST_BLOB_NAME) + 2) = TEST_BLOB_DATA_SIZE; | |
98 | memcpy(buf + 3 + strlen(TEST_BLOB_NAME) + 6, | |
99 | TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE); | |
100 | ||
101 | buf = e->start + TEST_NAMED_ARRAY_BUF_OFFSET; | |
102 | *buf = AA_NAME; | |
103 | *(buf + 1) = strlen(TEST_ARRAY_NAME) + 1; | |
b54aebd4 | 104 | strscpy(buf + 3, TEST_ARRAY_NAME, e->end - (void *)(buf + 3)); |
4d944bcd | 105 | *(buf + 3 + strlen(TEST_ARRAY_NAME) + 1) = AA_ARRAY; |
98c0cc48 | 106 | *((__le16 *)(buf + 3 + strlen(TEST_ARRAY_NAME) + 2)) = cpu_to_le16(TEST_ARRAY_SIZE); |
4d944bcd MS |
107 | |
108 | return e; | |
109 | } | |
110 | ||
111 | static int policy_unpack_test_init(struct kunit *test) | |
112 | { | |
113 | size_t e_size = TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1; | |
114 | struct policy_unpack_fixture *puf; | |
115 | ||
116 | puf = kunit_kmalloc(test, sizeof(*puf), GFP_USER); | |
117 | KUNIT_EXPECT_NOT_ERR_OR_NULL(test, puf); | |
118 | ||
119 | puf->e_size = e_size; | |
120 | puf->e = build_aa_ext_struct(puf, test, e_size); | |
121 | ||
122 | test->priv = puf; | |
123 | return 0; | |
124 | } | |
125 | ||
126 | static void policy_unpack_test_inbounds_when_inbounds(struct kunit *test) | |
127 | { | |
128 | struct policy_unpack_fixture *puf = test->priv; | |
129 | ||
b11e51dd RM |
130 | KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, 0)); |
131 | KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size / 2)); | |
132 | KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size)); | |
4d944bcd MS |
133 | } |
134 | ||
135 | static void policy_unpack_test_inbounds_when_out_of_bounds(struct kunit *test) | |
136 | { | |
137 | struct policy_unpack_fixture *puf = test->priv; | |
138 | ||
b11e51dd | 139 | KUNIT_EXPECT_FALSE(test, aa_inbounds(puf->e, puf->e_size + 1)); |
4d944bcd MS |
140 | } |
141 | ||
142 | static void policy_unpack_test_unpack_array_with_null_name(struct kunit *test) | |
143 | { | |
144 | struct policy_unpack_fixture *puf = test->priv; | |
4295c60b | 145 | u16 array_size = 0; |
4d944bcd MS |
146 | |
147 | puf->e->pos += TEST_ARRAY_BUF_OFFSET; | |
148 | ||
93761c93 | 149 | KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, NULL, &array_size)); |
4d944bcd MS |
150 | KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE); |
151 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
152 | puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1); | |
153 | } | |
154 | ||
155 | static void policy_unpack_test_unpack_array_with_name(struct kunit *test) | |
156 | { | |
157 | struct policy_unpack_fixture *puf = test->priv; | |
158 | const char name[] = TEST_ARRAY_NAME; | |
4295c60b | 159 | u16 array_size = 0; |
4d944bcd MS |
160 | |
161 | puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET; | |
162 | ||
93761c93 | 163 | KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, name, &array_size)); |
4d944bcd MS |
164 | KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE); |
165 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
166 | puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1); | |
167 | } | |
168 | ||
169 | static void policy_unpack_test_unpack_array_out_of_bounds(struct kunit *test) | |
170 | { | |
171 | struct policy_unpack_fixture *puf = test->priv; | |
172 | const char name[] = TEST_ARRAY_NAME; | |
173 | u16 array_size; | |
174 | ||
175 | puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET; | |
176 | puf->e->end = puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16); | |
177 | ||
93761c93 | 178 | KUNIT_EXPECT_FALSE(test, aa_unpack_array(puf->e, name, &array_size)); |
4d944bcd MS |
179 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, |
180 | puf->e->start + TEST_NAMED_ARRAY_BUF_OFFSET); | |
181 | } | |
182 | ||
183 | static void policy_unpack_test_unpack_blob_with_null_name(struct kunit *test) | |
184 | { | |
185 | struct policy_unpack_fixture *puf = test->priv; | |
186 | char *blob = NULL; | |
187 | size_t size; | |
188 | ||
189 | puf->e->pos += TEST_BLOB_BUF_OFFSET; | |
b11e51dd | 190 | size = aa_unpack_blob(puf->e, &blob, NULL); |
4d944bcd MS |
191 | |
192 | KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE); | |
193 | KUNIT_EXPECT_TRUE(test, | |
194 | memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0); | |
195 | } | |
196 | ||
197 | static void policy_unpack_test_unpack_blob_with_name(struct kunit *test) | |
198 | { | |
199 | struct policy_unpack_fixture *puf = test->priv; | |
200 | char *blob = NULL; | |
201 | size_t size; | |
202 | ||
203 | puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET; | |
b11e51dd | 204 | size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME); |
4d944bcd MS |
205 | |
206 | KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE); | |
207 | KUNIT_EXPECT_TRUE(test, | |
208 | memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0); | |
209 | } | |
210 | ||
211 | static void policy_unpack_test_unpack_blob_out_of_bounds(struct kunit *test) | |
212 | { | |
213 | struct policy_unpack_fixture *puf = test->priv; | |
214 | char *blob = NULL; | |
215 | void *start; | |
216 | int size; | |
217 | ||
218 | puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET; | |
219 | start = puf->e->pos; | |
220 | puf->e->end = puf->e->start + TEST_BLOB_BUF_OFFSET | |
221 | + TEST_BLOB_DATA_SIZE - 1; | |
222 | ||
b11e51dd | 223 | size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME); |
4d944bcd MS |
224 | |
225 | KUNIT_EXPECT_EQ(test, size, 0); | |
226 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start); | |
227 | } | |
228 | ||
229 | static void policy_unpack_test_unpack_str_with_null_name(struct kunit *test) | |
230 | { | |
231 | struct policy_unpack_fixture *puf = test->priv; | |
232 | const char *string = NULL; | |
233 | size_t size; | |
234 | ||
235 | puf->e->pos += TEST_STRING_BUF_OFFSET; | |
b11e51dd | 236 | size = aa_unpack_str(puf->e, &string, NULL); |
4d944bcd MS |
237 | |
238 | KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1); | |
239 | KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA); | |
240 | } | |
241 | ||
242 | static void policy_unpack_test_unpack_str_with_name(struct kunit *test) | |
243 | { | |
244 | struct policy_unpack_fixture *puf = test->priv; | |
245 | const char *string = NULL; | |
246 | size_t size; | |
247 | ||
b11e51dd | 248 | size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME); |
4d944bcd MS |
249 | |
250 | KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1); | |
251 | KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA); | |
252 | } | |
253 | ||
254 | static void policy_unpack_test_unpack_str_out_of_bounds(struct kunit *test) | |
255 | { | |
256 | struct policy_unpack_fixture *puf = test->priv; | |
257 | const char *string = NULL; | |
258 | void *start = puf->e->pos; | |
259 | int size; | |
260 | ||
261 | puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET | |
262 | + strlen(TEST_STRING_DATA) - 1; | |
263 | ||
b11e51dd | 264 | size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME); |
4d944bcd MS |
265 | |
266 | KUNIT_EXPECT_EQ(test, size, 0); | |
267 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start); | |
268 | } | |
269 | ||
270 | static void policy_unpack_test_unpack_strdup_with_null_name(struct kunit *test) | |
271 | { | |
272 | struct policy_unpack_fixture *puf = test->priv; | |
273 | char *string = NULL; | |
274 | size_t size; | |
275 | ||
276 | puf->e->pos += TEST_STRING_BUF_OFFSET; | |
b11e51dd | 277 | size = aa_unpack_strdup(puf->e, &string, NULL); |
4d944bcd MS |
278 | |
279 | KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1); | |
280 | KUNIT_EXPECT_FALSE(test, | |
281 | ((uintptr_t)puf->e->start <= (uintptr_t)string) | |
282 | && ((uintptr_t)string <= (uintptr_t)puf->e->end)); | |
283 | KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA); | |
284 | } | |
285 | ||
286 | static void policy_unpack_test_unpack_strdup_with_name(struct kunit *test) | |
287 | { | |
288 | struct policy_unpack_fixture *puf = test->priv; | |
289 | char *string = NULL; | |
290 | size_t size; | |
291 | ||
b11e51dd | 292 | size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME); |
4d944bcd MS |
293 | |
294 | KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1); | |
295 | KUNIT_EXPECT_FALSE(test, | |
296 | ((uintptr_t)puf->e->start <= (uintptr_t)string) | |
297 | && ((uintptr_t)string <= (uintptr_t)puf->e->end)); | |
298 | KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA); | |
299 | } | |
300 | ||
301 | static void policy_unpack_test_unpack_strdup_out_of_bounds(struct kunit *test) | |
302 | { | |
303 | struct policy_unpack_fixture *puf = test->priv; | |
304 | void *start = puf->e->pos; | |
305 | char *string = NULL; | |
306 | int size; | |
307 | ||
308 | puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET | |
309 | + strlen(TEST_STRING_DATA) - 1; | |
310 | ||
b11e51dd | 311 | size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME); |
4d944bcd MS |
312 | |
313 | KUNIT_EXPECT_EQ(test, size, 0); | |
5f91bd9f | 314 | KUNIT_EXPECT_NULL(test, string); |
4d944bcd MS |
315 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start); |
316 | } | |
317 | ||
318 | static void policy_unpack_test_unpack_nameX_with_null_name(struct kunit *test) | |
319 | { | |
320 | struct policy_unpack_fixture *puf = test->priv; | |
321 | bool success; | |
322 | ||
323 | puf->e->pos += TEST_U32_BUF_OFFSET; | |
324 | ||
b11e51dd | 325 | success = aa_unpack_nameX(puf->e, AA_U32, NULL); |
4d944bcd MS |
326 | |
327 | KUNIT_EXPECT_TRUE(test, success); | |
328 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
329 | puf->e->start + TEST_U32_BUF_OFFSET + 1); | |
330 | } | |
331 | ||
332 | static void policy_unpack_test_unpack_nameX_with_wrong_code(struct kunit *test) | |
333 | { | |
334 | struct policy_unpack_fixture *puf = test->priv; | |
335 | bool success; | |
336 | ||
337 | puf->e->pos += TEST_U32_BUF_OFFSET; | |
338 | ||
b11e51dd | 339 | success = aa_unpack_nameX(puf->e, AA_BLOB, NULL); |
4d944bcd MS |
340 | |
341 | KUNIT_EXPECT_FALSE(test, success); | |
342 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
343 | puf->e->start + TEST_U32_BUF_OFFSET); | |
344 | } | |
345 | ||
346 | static void policy_unpack_test_unpack_nameX_with_name(struct kunit *test) | |
347 | { | |
348 | struct policy_unpack_fixture *puf = test->priv; | |
349 | const char name[] = TEST_U32_NAME; | |
350 | bool success; | |
351 | ||
352 | puf->e->pos += TEST_NAMED_U32_BUF_OFFSET; | |
353 | ||
b11e51dd | 354 | success = aa_unpack_nameX(puf->e, AA_U32, name); |
4d944bcd MS |
355 | |
356 | KUNIT_EXPECT_TRUE(test, success); | |
357 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
358 | puf->e->start + TEST_U32_BUF_OFFSET + 1); | |
359 | } | |
360 | ||
361 | static void policy_unpack_test_unpack_nameX_with_wrong_name(struct kunit *test) | |
362 | { | |
363 | struct policy_unpack_fixture *puf = test->priv; | |
364 | static const char name[] = "12345678"; | |
365 | bool success; | |
366 | ||
367 | puf->e->pos += TEST_NAMED_U32_BUF_OFFSET; | |
368 | ||
b11e51dd | 369 | success = aa_unpack_nameX(puf->e, AA_U32, name); |
4d944bcd MS |
370 | |
371 | KUNIT_EXPECT_FALSE(test, success); | |
372 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
373 | puf->e->start + TEST_NAMED_U32_BUF_OFFSET); | |
374 | } | |
375 | ||
376 | static void policy_unpack_test_unpack_u16_chunk_basic(struct kunit *test) | |
377 | { | |
378 | struct policy_unpack_fixture *puf = test->priv; | |
379 | char *chunk = NULL; | |
380 | size_t size; | |
381 | ||
382 | puf->e->pos += TEST_U16_OFFSET; | |
383 | /* | |
384 | * WARNING: For unit testing purposes, we're pushing puf->e->end past | |
385 | * the end of the allocated memory. Doing anything other than comparing | |
386 | * memory addresses is dangerous. | |
387 | */ | |
388 | puf->e->end += TEST_U16_DATA; | |
389 | ||
b11e51dd | 390 | size = aa_unpack_u16_chunk(puf->e, &chunk); |
4d944bcd | 391 | |
e2f76ad7 | 392 | KUNIT_EXPECT_PTR_EQ(test, chunk, |
4d944bcd | 393 | puf->e->start + TEST_U16_OFFSET + 2); |
e2f76ad7 DG |
394 | KUNIT_EXPECT_EQ(test, size, TEST_U16_DATA); |
395 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, (chunk + TEST_U16_DATA)); | |
4d944bcd MS |
396 | } |
397 | ||
398 | static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_1( | |
399 | struct kunit *test) | |
400 | { | |
401 | struct policy_unpack_fixture *puf = test->priv; | |
402 | char *chunk = NULL; | |
403 | size_t size; | |
404 | ||
405 | puf->e->pos = puf->e->end - 1; | |
406 | ||
b11e51dd | 407 | size = aa_unpack_u16_chunk(puf->e, &chunk); |
4d944bcd | 408 | |
e2f76ad7 | 409 | KUNIT_EXPECT_EQ(test, size, 0); |
5f91bd9f | 410 | KUNIT_EXPECT_NULL(test, chunk); |
4d944bcd MS |
411 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->end - 1); |
412 | } | |
413 | ||
414 | static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_2( | |
415 | struct kunit *test) | |
416 | { | |
417 | struct policy_unpack_fixture *puf = test->priv; | |
418 | char *chunk = NULL; | |
419 | size_t size; | |
420 | ||
421 | puf->e->pos += TEST_U16_OFFSET; | |
422 | /* | |
423 | * WARNING: For unit testing purposes, we're pushing puf->e->end past | |
424 | * the end of the allocated memory. Doing anything other than comparing | |
425 | * memory addresses is dangerous. | |
426 | */ | |
427 | puf->e->end = puf->e->pos + TEST_U16_DATA - 1; | |
428 | ||
b11e51dd | 429 | size = aa_unpack_u16_chunk(puf->e, &chunk); |
4d944bcd | 430 | |
e2f76ad7 | 431 | KUNIT_EXPECT_EQ(test, size, 0); |
5f91bd9f | 432 | KUNIT_EXPECT_NULL(test, chunk); |
4d944bcd MS |
433 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->start + TEST_U16_OFFSET); |
434 | } | |
435 | ||
436 | static void policy_unpack_test_unpack_u32_with_null_name(struct kunit *test) | |
437 | { | |
438 | struct policy_unpack_fixture *puf = test->priv; | |
439 | bool success; | |
ba77f390 | 440 | u32 data = 0; |
4d944bcd MS |
441 | |
442 | puf->e->pos += TEST_U32_BUF_OFFSET; | |
443 | ||
b11e51dd | 444 | success = aa_unpack_u32(puf->e, &data, NULL); |
4d944bcd MS |
445 | |
446 | KUNIT_EXPECT_TRUE(test, success); | |
447 | KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA); | |
448 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
449 | puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1); | |
450 | } | |
451 | ||
452 | static void policy_unpack_test_unpack_u32_with_name(struct kunit *test) | |
453 | { | |
454 | struct policy_unpack_fixture *puf = test->priv; | |
455 | const char name[] = TEST_U32_NAME; | |
456 | bool success; | |
ba77f390 | 457 | u32 data = 0; |
4d944bcd MS |
458 | |
459 | puf->e->pos += TEST_NAMED_U32_BUF_OFFSET; | |
460 | ||
b11e51dd | 461 | success = aa_unpack_u32(puf->e, &data, name); |
4d944bcd MS |
462 | |
463 | KUNIT_EXPECT_TRUE(test, success); | |
464 | KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA); | |
465 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
466 | puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1); | |
467 | } | |
468 | ||
469 | static void policy_unpack_test_unpack_u32_out_of_bounds(struct kunit *test) | |
470 | { | |
471 | struct policy_unpack_fixture *puf = test->priv; | |
472 | const char name[] = TEST_U32_NAME; | |
473 | bool success; | |
ba77f390 | 474 | u32 data = 0; |
4d944bcd MS |
475 | |
476 | puf->e->pos += TEST_NAMED_U32_BUF_OFFSET; | |
477 | puf->e->end = puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32); | |
478 | ||
b11e51dd | 479 | success = aa_unpack_u32(puf->e, &data, name); |
4d944bcd MS |
480 | |
481 | KUNIT_EXPECT_FALSE(test, success); | |
482 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
483 | puf->e->start + TEST_NAMED_U32_BUF_OFFSET); | |
484 | } | |
485 | ||
486 | static void policy_unpack_test_unpack_u64_with_null_name(struct kunit *test) | |
487 | { | |
488 | struct policy_unpack_fixture *puf = test->priv; | |
489 | bool success; | |
ba77f390 | 490 | u64 data = 0; |
4d944bcd MS |
491 | |
492 | puf->e->pos += TEST_U64_BUF_OFFSET; | |
493 | ||
b11e51dd | 494 | success = aa_unpack_u64(puf->e, &data, NULL); |
4d944bcd MS |
495 | |
496 | KUNIT_EXPECT_TRUE(test, success); | |
497 | KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA); | |
498 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
499 | puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1); | |
500 | } | |
501 | ||
502 | static void policy_unpack_test_unpack_u64_with_name(struct kunit *test) | |
503 | { | |
504 | struct policy_unpack_fixture *puf = test->priv; | |
505 | const char name[] = TEST_U64_NAME; | |
506 | bool success; | |
ba77f390 | 507 | u64 data = 0; |
4d944bcd MS |
508 | |
509 | puf->e->pos += TEST_NAMED_U64_BUF_OFFSET; | |
510 | ||
b11e51dd | 511 | success = aa_unpack_u64(puf->e, &data, name); |
4d944bcd MS |
512 | |
513 | KUNIT_EXPECT_TRUE(test, success); | |
514 | KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA); | |
515 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
516 | puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1); | |
517 | } | |
518 | ||
519 | static void policy_unpack_test_unpack_u64_out_of_bounds(struct kunit *test) | |
520 | { | |
521 | struct policy_unpack_fixture *puf = test->priv; | |
522 | const char name[] = TEST_U64_NAME; | |
523 | bool success; | |
ba77f390 | 524 | u64 data = 0; |
4d944bcd MS |
525 | |
526 | puf->e->pos += TEST_NAMED_U64_BUF_OFFSET; | |
527 | puf->e->end = puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64); | |
528 | ||
b11e51dd | 529 | success = aa_unpack_u64(puf->e, &data, name); |
4d944bcd MS |
530 | |
531 | KUNIT_EXPECT_FALSE(test, success); | |
532 | KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, | |
533 | puf->e->start + TEST_NAMED_U64_BUF_OFFSET); | |
534 | } | |
535 | ||
536 | static void policy_unpack_test_unpack_X_code_match(struct kunit *test) | |
537 | { | |
538 | struct policy_unpack_fixture *puf = test->priv; | |
b11e51dd | 539 | bool success = aa_unpack_X(puf->e, AA_NAME); |
4d944bcd MS |
540 | |
541 | KUNIT_EXPECT_TRUE(test, success); | |
542 | KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start + 1); | |
543 | } | |
544 | ||
545 | static void policy_unpack_test_unpack_X_code_mismatch(struct kunit *test) | |
546 | { | |
547 | struct policy_unpack_fixture *puf = test->priv; | |
b11e51dd | 548 | bool success = aa_unpack_X(puf->e, AA_STRING); |
4d944bcd MS |
549 | |
550 | KUNIT_EXPECT_FALSE(test, success); | |
551 | KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start); | |
552 | } | |
553 | ||
554 | static void policy_unpack_test_unpack_X_out_of_bounds(struct kunit *test) | |
555 | { | |
556 | struct policy_unpack_fixture *puf = test->priv; | |
557 | bool success; | |
558 | ||
559 | puf->e->pos = puf->e->end; | |
b11e51dd | 560 | success = aa_unpack_X(puf->e, AA_NAME); |
4d944bcd MS |
561 | |
562 | KUNIT_EXPECT_FALSE(test, success); | |
563 | } | |
564 | ||
565 | static struct kunit_case apparmor_policy_unpack_test_cases[] = { | |
566 | KUNIT_CASE(policy_unpack_test_inbounds_when_inbounds), | |
567 | KUNIT_CASE(policy_unpack_test_inbounds_when_out_of_bounds), | |
568 | KUNIT_CASE(policy_unpack_test_unpack_array_with_null_name), | |
569 | KUNIT_CASE(policy_unpack_test_unpack_array_with_name), | |
570 | KUNIT_CASE(policy_unpack_test_unpack_array_out_of_bounds), | |
571 | KUNIT_CASE(policy_unpack_test_unpack_blob_with_null_name), | |
572 | KUNIT_CASE(policy_unpack_test_unpack_blob_with_name), | |
573 | KUNIT_CASE(policy_unpack_test_unpack_blob_out_of_bounds), | |
574 | KUNIT_CASE(policy_unpack_test_unpack_nameX_with_null_name), | |
575 | KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_code), | |
576 | KUNIT_CASE(policy_unpack_test_unpack_nameX_with_name), | |
577 | KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_name), | |
578 | KUNIT_CASE(policy_unpack_test_unpack_str_with_null_name), | |
579 | KUNIT_CASE(policy_unpack_test_unpack_str_with_name), | |
580 | KUNIT_CASE(policy_unpack_test_unpack_str_out_of_bounds), | |
581 | KUNIT_CASE(policy_unpack_test_unpack_strdup_with_null_name), | |
582 | KUNIT_CASE(policy_unpack_test_unpack_strdup_with_name), | |
583 | KUNIT_CASE(policy_unpack_test_unpack_strdup_out_of_bounds), | |
584 | KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_basic), | |
585 | KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_1), | |
586 | KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_2), | |
587 | KUNIT_CASE(policy_unpack_test_unpack_u32_with_null_name), | |
588 | KUNIT_CASE(policy_unpack_test_unpack_u32_with_name), | |
589 | KUNIT_CASE(policy_unpack_test_unpack_u32_out_of_bounds), | |
590 | KUNIT_CASE(policy_unpack_test_unpack_u64_with_null_name), | |
591 | KUNIT_CASE(policy_unpack_test_unpack_u64_with_name), | |
592 | KUNIT_CASE(policy_unpack_test_unpack_u64_out_of_bounds), | |
593 | KUNIT_CASE(policy_unpack_test_unpack_X_code_match), | |
594 | KUNIT_CASE(policy_unpack_test_unpack_X_code_mismatch), | |
595 | KUNIT_CASE(policy_unpack_test_unpack_X_out_of_bounds), | |
596 | {}, | |
597 | }; | |
598 | ||
599 | static struct kunit_suite apparmor_policy_unpack_test_module = { | |
600 | .name = "apparmor_policy_unpack", | |
601 | .init = policy_unpack_test_init, | |
602 | .test_cases = apparmor_policy_unpack_test_cases, | |
603 | }; | |
604 | ||
605 | kunit_test_suite(apparmor_policy_unpack_test_module); | |
b11e51dd | 606 | |
4b954a02 | 607 | MODULE_DESCRIPTION("KUnit tests for AppArmor's policy unpack"); |
b11e51dd | 608 | MODULE_LICENSE("GPL"); |