オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.6.x/ccs-tools/ccstools/kernel_test/tomoyo_new_file_test.c

Annotation of /trunk/1.6.x/ccs-tools/ccstools/kernel_test/tomoyo_new_file_test.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1066 - (hide annotations) (download) (as text)
Fri Mar 28 15:38:24 2008 UTC (16 years, 1 month ago) by kumaneko
File MIME type: text/x-csrc
File size: 12515 byte(s) 






















1

kumaneko
1066

/*








2

 
 

 * tomoyo_file_test.c








3

 
 

 *








4

 
 

 * Testing program for fs/tomoyo_file.c








5

 
 

 *








6

 
 

 * Copyright (C) 2005-2008  NTT DATA CORPORATION








7

 
 

 *








8

 
 

 * Version: 1.6.0-rc   2008/03/28








9

 
 

 *








10

 
 

 */








11

 
 

#include "include.h"








12

 
 










13

 
 

static int profile_fd = EOF;








14

 
 

static int domain_fd = EOF;








15

 
 

static const char *policy = "";








16

 
 

static char self_domain[4096] = "";








17

 
 










18

 
 

static int write_policy(void) {








19

 
 

        FILE *fp;








20

 
 

        char buffer[8192];








21

 
 

        char *cp;








22

 
 

        int domain_found = 0;








23

 
 

        int policy_found = 0;








24

 
 

        memset(buffer, 0, sizeof(buffer));








25

 
 

        cp = "255-MAC_FOR_FILE=disabled\n";








26

 
 

        write(profile_fd, cp, strlen(cp));








27

 
 

        fp = fopen(proc_policy_domain_policy, "r");








28

 
 

        cp = "255-MAC_FOR_FILE=enforcing\n";








29

 
 

        write(profile_fd, cp, strlen(cp));








30

 
 

        write(domain_fd, policy, strlen(policy));








31

 
 

        write(domain_fd, "\n", 1);








32

 
 

        if (!fp) {








33

 
 

                printf("%s : BUG: policy read failed\n", policy);








34

 
 

                return 0;








35

 
 

        }








36

 
 

        while (fgets(buffer, sizeof(buffer) - 1, fp)) {








37

 
 

                cp = strchr(buffer, '\n');








38

 
 

                if (cp) *cp = '\0';








39

 
 

                if (!strncmp(buffer, "<kernel>", 8)) domain_found = !strcmp(self_domain, buffer);








40

 
 

                if (domain_found) {








41

 
 

                        //printf("<%s>\n", buffer);








42

 
 

                        if (!strcmp(buffer, policy)) {








43

 
 

                                policy_found = 1;








44

 
 

                                break;








45

 
 

                        }








46

 
 

                }








47

 
 

        }








48

 
 

        fclose(fp);








49

 
 

        if (!policy_found) {








50

 
 

                printf("%s : BUG: policy write failed\n", policy);








51

 
 

                return 0;








52

 
 

        }








53

 
 

        errno = 0;








54

 
 

        return 1;








55

 
 

}








56

 
 










57

 
 

static void delete_policy(void) {








58

 
 

        write(domain_fd, "delete ", 7);








59

 
 

        write(domain_fd, policy, strlen(policy));








60

 
 

        write(domain_fd, "\n", 1);








61

 
 

}








62

 
 










63

 
 

static void show_result(int result, char should_success) {








64

 
 

        int err = errno;








65

 
 

        printf("%s : ", policy);








66

 
 

        if (should_success) {








67

 
 

                if (result != EOF) printf("OK\n");








68

 
 

                else printf("FAILED: %s\n", strerror(err));








69

 
 

        } else {








70

 
 

                if (result == EOF) {








71

 
 

                        if (err == EPERM) printf("OK: Permission denied.\n");








72

 
 

                        else printf("FAILED: %s\n", strerror(err));








73

 
 

                } else {








74

 
 

                        printf("BUG: didn't fail.\n");








75

 
 

                }








76

 
 

        }








77

 
 

}








78

 
 










79

 
 

static void create2(const char *pathname) {








80

 
 

        const char *cp = "255-MAC_FOR_FILE=disabled\n";








81

 
 

        write(profile_fd, cp, strlen(cp));








82

 
 

        close(creat(pathname, 0600));








83

 
 

        cp = "255-MAC_FOR_FILE=enforcing\n";








84

 
 

        write(profile_fd, cp, strlen(cp));








85

 
 

}








86

 
 










87

 
 

static void mkdir2(const char *pathname) {








88

 
 

        const char *cp = "255-MAC_FOR_FILE=disabled\n";








89

 
 

        write(profile_fd, cp, strlen(cp));








90

 
 

        mkdir(pathname, 0600);








91

 
 

        cp = "255-MAC_FOR_FILE=enforcing\n";








92

 
 

        write(profile_fd, cp, strlen(cp));








93

 
 

}








94

 
 










95

 
 

static void unlink2(const char *pathname) {








96

 
 

        const char *cp = "255-MAC_FOR_FILE=disabled\n";








97

 
 

        write(profile_fd, cp, strlen(cp));








98

 
 

        unlink(pathname);








99

 
 

        cp = "255-MAC_FOR_FILE=enforcing\n";








100

 
 

        write(profile_fd, cp, strlen(cp));








101

 
 

}                       








102

 
 










103

 
 

static void rmdir2(const char *pathname) {








104

 
 

        const char *cp = "255-MAC_FOR_FILE=disabled\n";








105

 
 

        write(profile_fd, cp, strlen(cp));








106

 
 

        rmdir(pathname);








107

 
 

        cp = "255-MAC_FOR_FILE=enforcing\n";








108

 
 

        write(profile_fd, cp, strlen(cp));








109

 
 

}








110

 
 










111

 
 

static void StageFileTest(void) {








112

 
 

        char *filename = "";








113

 
 

        policy = "allow_read /proc/sys/net/ipv4/ip_local_port_range";








114

 
 

        if (write_policy()) {








115

 
 

                static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };








116

 
 

                int buffer[2] = { 32768, 61000 };








117

 
 

                size_t size = sizeof(buffer);








118

 
 

                show_result(sysctl(name, 3, buffer, &size, 0, 0), 1);








119

 
 

                delete_policy();








120

 
 

                show_result(sysctl(name, 3, buffer, &size, 0, 0), 0);








121

 
 

        }








122

 
 

        policy = "allow_write /proc/sys/net/ipv4/ip_local_port_range";








123

 
 

        if (write_policy()) {








124

 
 

                static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };








125

 
 

                int buffer[2] = { 32768, 61000 };








126

 
 

                size_t size = sizeof(buffer);








127

 
 

                show_result(sysctl(name, 3, 0, 0, buffer, size), 1);








128

 
 

                delete_policy();








129

 
 

                show_result(sysctl(name, 3, 0, 0, buffer, size), 0);








130

 
 

        }








131

 
 

        policy = "allow_read/write /proc/sys/net/ipv4/ip_local_port_range";








132

 
 

        if (write_policy()) {








133

 
 

                static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };








134

 
 

                int buffer[2] = { 32768, 61000 };








135

 
 

                size_t size = sizeof(buffer);








136

 
 

                show_result(sysctl(name, 3, buffer, &size, buffer, size), 1);








137

 
 

                delete_policy();








138

 
 

                show_result(sysctl(name, 3, buffer, &size, buffer, size), 0);








139

 
 

        }








140

 
 










141

 
 

        policy = "allow_read /bin/true";








142

 
 

        if (write_policy()) {








143

 
 

                show_result(uselib("/bin/true"), 1);








144

 
 

                delete_policy();








145

 
 

                show_result(uselib("/bin/true"), 0);








146

 
 

        }








147

 
 










148

 
 

        policy = "allow_execute /bin/true";








149

 
 

        if (write_policy()) {








150

 
 

                int pipe_fd[2] = { EOF, EOF };








151

 
 

                int err = 0;








152

 
 

                fflush(stdout); fflush(stderr);








153

 
 

                pipe(pipe_fd);








154

 
 

                if (fork() == 0) {








155

 
 

                        execl("/bin/true", "/bin/true", NULL);








156

 
 

                        err = errno;








157

 
 

                        write(pipe_fd[1], &err, sizeof(err));








158

 
 

                        _exit(0);








159

 
 

                }








160

 
 

                close(pipe_fd[1]);








161

 
 

                read(pipe_fd[0], &err, sizeof(err));








162

 
 

                close(pipe_fd[0]);








163

 
 

                wait(NULL);








164

 
 

                errno = err;








165

 
 

                show_result(err ? EOF : 0, 1);








166

 
 

                delete_policy();








167

 
 

                fflush(stdout); fflush(stderr);








168

 
 

                pipe(pipe_fd);








169

 
 

                if (fork() == 0) {








170

 
 

                        execl("/bin/true", "/bin/true", NULL);








171

 
 

                        err = errno;








172

 
 

                        write(pipe_fd[1], &err, sizeof(err));








173

 
 

                        _exit(0);








174

 
 

                }








175

 
 

                close(pipe_fd[1]);








176

 
 

                read(pipe_fd[0], &err, sizeof(err));








177

 
 

                close(pipe_fd[0]);








178

 
 

                wait(NULL);








179

 
 

                errno = err;








180

 
 

                show_result(err ? EOF : 0, 0);








181

 
 

        }








182

 
 










183

 
 

        policy = "allow_read /dev/null";








184

 
 

        if (write_policy()) {








185

 
 

                int fd = open("/dev/null", O_RDONLY);








186

 
 

                show_result(fd, 1);








187

 
 

                if (fd != EOF) close(fd);








188

 
 

                delete_policy();








189

 
 

                fd = open("/dev/null", O_RDONLY);








190

 
 

                show_result(fd, 0);








191

 
 

                if (fd != EOF) close(fd);








192

 
 

        }








193

 
 










194

 
 

        policy = "allow_write /dev/null";








195

 
 

        if (write_policy()) {








196

 
 

                int fd = open("/dev/null", O_WRONLY);








197

 
 

                show_result(fd, 1);








198

 
 

                if (fd != EOF) close(fd);








199

 
 

                delete_policy();








200

 
 

                fd = open("/dev/null", O_WRONLY);








201

 
 

                show_result(fd, 0);








202

 
 

                if (fd != EOF) close(fd);








203

 
 

        }








204

 
 










205

 
 

        policy = "allow_read/write /dev/null";








206

 
 

        if (write_policy()) {








207

 
 

                int fd = open("/dev/null", O_RDWR);








208

 
 

                show_result(fd, 1);








209

 
 

                if (fd != EOF) close(fd);








210

 
 

                delete_policy();








211

 
 

                fd = open("/dev/null", O_RDWR);








212

 
 

                show_result(fd, 0);








213

 
 

                if (fd != EOF) close(fd);








214

 
 

        }








215

 
 










216

 
 

        policy = "allow_create /tmp/open_test";








217

 
 

        if (write_policy()) {








218

 
 

                policy = "allow_write /tmp/open_test";








219

 
 

                if (write_policy()) {








220

 
 

                        int fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0666);








221

 
 

                        show_result(fd, 1);








222

 
 

                        if (fd != EOF) close(fd);








223

 
 

                        unlink2("/tmp/open_test");








224

 
 

                        delete_policy();








225

 
 

                        fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0666);








226

 
 

                        show_result(fd, 0);








227

 
 

                        if (fd != EOF) close(fd);








228

 
 

                        unlink2("/tmp/open_test");








229

 
 

                }








230

 
 

                policy = "allow_create /tmp/open_test\n";








231

 
 

                delete_policy();








232

 
 

        }








233

 
 










234

 
 

        policy = "allow_write /tmp/open_test";








235

 
 

        if (write_policy()) {








236

 
 

                policy = "allow_create /tmp/open_test";








237

 
 

                if (write_policy()) {








238

 
 

                        int fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0666);








239

 
 

                        show_result(fd, 1);








240

 
 

                        if (fd != EOF) close(fd);








241

 
 

                        unlink2("/tmp/open_test");








242

 
 

                        delete_policy();








243

 
 

                        fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0666);








244

 
 

                        show_result(fd, 0);








245

 
 

                        if (fd != EOF) close(fd);








246

 
 

                        unlink2("/tmp/open_test");








247

 
 

                }








248

 
 

                policy = "allow_write /tmp/open_test\n";








249

 
 

                delete_policy();








250

 
 

        }








251

 
 










252

 
 

        filename = "/tmp/truncate_test";








253

 
 

        create2(filename);








254

 
 










255

 
 

        policy = "allow_truncate /tmp/truncate_test";








256

 
 

        if (write_policy()) {








257

 
 

                policy = "allow_write /tmp/truncate_test";








258

 
 

                if (write_policy()) {








259

 
 

                        int fd = open(filename, O_WRONLY | O_TRUNC);








260

 
 

                        show_result(fd, 1);








261

 
 

                        if (fd != EOF) close(fd);








262

 
 

                        delete_policy();








263

 
 

                        fd = open(filename, O_WRONLY | O_TRUNC);








264

 
 

                        show_result(fd, 0);








265

 
 

                        if (fd != EOF) close(fd);








266

 
 

                }








267

 
 

                policy = "allow_truncate /tmp/truncate_test";








268

 
 

                delete_policy();








269

 
 

        }








270

 
 










271

 
 

        policy = "allow_write /tmp/truncate_test";








272

 
 

        if (write_policy()) {








273

 
 

                policy = "allow_truncate /tmp/truncate_test";








274

 
 

                if (write_policy()) {








275

 
 

                        int fd = open(filename, O_WRONLY | O_TRUNC);








276

 
 

                        show_result(fd, 1);








277

 
 

                        if (fd != EOF) close(fd);








278

 
 

                        delete_policy();








279

 
 

                        fd = open(filename, O_WRONLY | O_TRUNC);








280

 
 

                        show_result(fd, 0);








281

 
 

                        if (fd != EOF) close(fd);








282

 
 

                }








283

 
 

                policy = "allow_write /tmp/truncate_test\n";








284

 
 

                delete_policy();








285

 
 

        }








286

 
 

        








287

 
 

        policy = "allow_truncate /tmp/truncate_test";








288

 
 

        if (write_policy()) {








289

 
 

                show_result(truncate(filename, 0), 1);








290

 
 

                delete_policy();








291

 
 

                show_result(truncate(filename, 0), 0);








292

 
 

        }








293

 
 










294

 
 

        policy = "allow_truncate /tmp/truncate_test";








295

 
 

        if (write_policy()) {








296

 
 

                int fd;








297

 
 

                const char *cp = "255-MAC_FOR_FILE=disabled\n";








298

 
 

                write(profile_fd, cp, strlen(cp));








299

 
 

                fd = open(filename, O_WRONLY);








300

 
 

                cp = "255-MAC_FOR_FILE=enforcing\n";








301

 
 

                write(profile_fd, cp, strlen(cp));








302

 
 

                show_result(ftruncate(fd, 0), 1);








303

 
 

                delete_policy();








304

 
 

                show_result(ftruncate(fd, 0), 0);








305

 
 

                if (fd != EOF) close(fd);








306

 
 

        }








307

 
 

        








308

 
 

        unlink2(filename);








309

 
 

        








310

 
 

        policy = "allow_create /tmp/mknod_reg_test";








311

 
 

        if (write_policy()) {








312

 
 

                filename = "/tmp/mknod_reg_test";








313

 
 

                show_result(mknod(filename, S_IFREG, 0), 1);








314

 
 

                delete_policy();








315

 
 

                unlink2(filename);








316

 
 

                show_result(mknod(filename, S_IFREG, 0), 0);








317

 
 

        }








318

 
 










319

 
 

        policy = "allow_mkchar /tmp/mknod_chr_test";








320

 
 

        if (write_policy()) {








321

 
 

                filename = "/tmp/mknod_chr_test";








322

 
 

                show_result(mknod(filename, S_IFCHR, MKDEV(1, 3)), 1);








323

 
 

                delete_policy();








324

 
 

                unlink2(filename);








325

 
 

                show_result(mknod(filename, S_IFCHR, MKDEV(1, 3)), 0);








326

 
 

        }








327

 
 










328

 
 

        policy = "allow_mkblock /tmp/mknod_blk_test";








329

 
 

        if (write_policy()) {








330

 
 

                filename = "/tmp/mknod_blk_test";








331

 
 

                show_result(mknod(filename, S_IFBLK, MKDEV(1, 0)), 1);








332

 
 

                delete_policy();








333

 
 

                unlink2(filename);








334

 
 

                show_result(mknod(filename, S_IFBLK, MKDEV(1, 0)), 0);








335

 
 

        }








336

 
 










337

 
 

        policy = "allow_mkfifo /tmp/mknod_fifo_test";








338

 
 

        if (write_policy()) {








339

 
 

                filename = "/tmp/mknod_fifo_test";








340

 
 

                show_result(mknod(filename, S_IFIFO, 0), 1);








341

 
 

                delete_policy();








342

 
 

                unlink2(filename);








343

 
 

                show_result(mknod(filename, S_IFIFO, 0), 0);








344

 
 

        }








345

 
 










346

 
 

        policy = "allow_mksock /tmp/mknod_sock_test";








347

 
 

        if (write_policy()) {








348

 
 

                filename = "/tmp/mknod_sock_test";








349

 
 

                show_result(mknod(filename, S_IFSOCK, 0), 1);








350

 
 

                delete_policy();








351

 
 

                unlink2(filename);








352

 
 

                show_result(mknod(filename, S_IFSOCK, 0), 0);








353

 
 

        }








354

 
 

        








355

 
 

        policy = "allow_mkdir /tmp/mkdir_test/";








356

 
 

        if (write_policy()) {








357

 
 

                filename = "/tmp/mkdir_test";








358

 
 

                show_result(mkdir(filename, 0600), 1);








359

 
 

                delete_policy();








360

 
 

                rmdir2(filename);








361

 
 

                show_result(mkdir(filename, 0600), 0);








362

 
 

        }








363

 
 

        








364

 
 

        policy = "allow_rmdir /tmp/rmdir_test/";








365

 
 

        if (write_policy()) {








366

 
 

                filename = "/tmp/rmdir_test";








367

 
 

                mkdir2(filename);








368

 
 

                show_result(rmdir(filename), 1);








369

 
 

                delete_policy();








370

 
 

                mkdir2(filename);








371

 
 

                show_result(rmdir(filename), 0);








372

 
 

                rmdir2(filename);








373

 
 

        }








374

 
 

        








375

 
 

        policy = "allow_unlink /tmp/unlink_test";








376

 
 

        if (write_policy()) {








377

 
 

                filename = "/tmp/unlink_test";








378

 
 

                create2(filename);








379

 
 

                show_result(unlink(filename), 1);








380

 
 

                delete_policy();








381

 
 

                create2(filename);








382

 
 

                show_result(unlink(filename), 0);








383

 
 

                unlink2(filename);








384

 
 

        }








385

 
 

        








386

 
 

        policy = "allow_symlink /tmp/symlink_source_test";








387

 
 

        if (write_policy()) {








388

 
 

                filename = "/tmp/symlink_source_test";








389

 
 

                show_result(symlink("/tmp/symlink_dest_test", filename), 1);








390

 
 

                delete_policy();








391

 
 

                unlink2(filename);








392

 
 

                show_result(symlink("/tmp/symlink_dest_test", filename), 0);








393

 
 

        }








394

 
 

        








395

 
 

        policy = "allow_link /tmp/link_source_test /tmp/link_dest_test";








396

 
 

        if (write_policy()) {








397

 
 

                filename = "/tmp/link_source_test";








398

 
 

                create2(filename);








399

 
 

                show_result(link(filename, "/tmp/link_dest_test"), 1);








400

 
 

                delete_policy();








401

 
 

                unlink2("/tmp/link_dest_test");








402

 
 

                show_result(link(filename, "/tmp/link_dest_test"), 0);








403

 
 

                unlink2(filename);








404

 
 

        }








405

 
 










406

 
 

        policy = "allow_rename /tmp/rename_source_test /tmp/rename_dest_test";








407

 
 

        if (write_policy()) {








408

 
 

                filename = "/tmp/rename_source_test";








409

 
 

                create2(filename);








410

 
 

                show_result(rename(filename, "/tmp/rename_dest_test"), 1);








411

 
 

                delete_policy();








412

 
 

                unlink2("/tmp/rename_dest_test");








413

 
 

                create2(filename);








414

 
 

                show_result(rename(filename, "/tmp/rename_dest_test"), 0);








415

 
 

                unlink2(filename);








416

 
 

        }








417

 
 










418

 
 

        policy = "allow_mksock /tmp/socket_test";








419

 
 

        if (write_policy()) {








420

 
 

                struct sockaddr_un addr;








421

 
 

                int fd;








422

 
 

                filename = "/tmp/socket_test";








423

 
 

                memset(&addr, 0, sizeof(addr));








424

 
 

                addr.sun_family = AF_UNIX;








425

 
 

                strncpy(addr.sun_path, filename, sizeof(addr.sun_path) - 1);








426

 
 

                fd = socket(AF_UNIX, SOCK_STREAM, 0);








427

 
 

                show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)), 1);








428

 
 

                if (fd != EOF) close(fd);








429

 
 

                delete_policy();








430

 
 

                unlink2(filename);








431

 
 

                fd = socket(AF_UNIX, SOCK_STREAM, 0);








432

 
 

                show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)), 0);








433

 
 

                if (fd != EOF) close(fd);








434

 
 

        }








435

 
 

}








436

 
 










437

 
 

int main(int argc, char *argv[]) {








438

 
 

        char *cp;








439

 
 

        Init();








440

 
 

        profile_fd = open(proc_policy_profile, O_WRONLY);








441

 
 

        domain_fd = open(proc_policy_domain_policy, O_WRONLY);








442

 
 

        {








443

 
 

                int self_fd = open(proc_policy_self_domain, O_RDONLY);








444

 
 

                memset(self_domain, 0, sizeof(self_domain));








445

 
 

                read(self_fd, self_domain, sizeof(self_domain) - 1);








446

 
 

                close(self_fd);








447

 
 

                write(domain_fd, self_domain, strlen(self_domain));








448

 
 

                cp = " /bin/true\n";








449

 
 

                write(domain_fd, cp, strlen(cp));








450

 
 

                write(domain_fd, self_domain, strlen(self_domain));








451

 
 

                write(domain_fd, "\n", 1);








452

 
 

                cp = "use_profile 255\n";








453

 
 

                write(domain_fd, cp, strlen(cp));








454

 
 

        }








455

 
 

        cp = "255-MAX_REJECT_LOG=1024\n";








456

 
 

        write(profile_fd, cp, strlen(cp));








457

 
 

        StageFileTest();








458

 
 

        cp = "use_profile 0\n";








459

 
 

        write(domain_fd, cp, strlen(cp));








460

 
 

        ClearStatus();








461

 
 

        return 0;








462

 
 

}




















Back to OSDN">Back to OSDN

ViewVC Help




Powered by ViewVC 1.1.26
 



















サイト情報





ソフトウェアを探す





ソフトウェアを作る





コミュニティ





ヘルプ