This will allow running the testsuite from other contexts than the usual unconfined. Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> --- tests/binder/binder_common.h | 1 + tests/binder/service_provider.c | 31 +++++++++++++++++++------------ tests/binder/test | 2 +- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/tests/binder/binder_common.h b/tests/binder/binder_common.h index 319b5dd..e516617 100644 --- a/tests/binder/binder_common.h +++ b/tests/binder/binder_common.h @@ -14,6 +14,7 @@ #include <sys/mman.h> #include <sys/ioctl.h> #include <selinux/selinux.h> +#include <selinux/context.h> #include <linux/android/binder.h> #if HAVE_BINDERFS #include <linux/android/binderfs.h> diff --git a/tests/binder/service_provider.c b/tests/binder/service_provider.c index 56d8a43..f47365c 100644 --- a/tests/binder/service_provider.c +++ b/tests/binder/service_provider.c @@ -1,14 +1,14 @@ #include "binder_common.h" -static char *expected_ctx; +static char *expected_type; static int binder_parse(int fd, binder_uintptr_t ptr, binder_size_t size); static void usage(char *progname) { fprintf(stderr, - "usage: %s -e expected_ctx] [-f file] [-n] [-m|-p|-t] [-v]\n" + "usage: %s [-e expected_type] [-f file] [-n] [-m|-p|-t] [-v]\n" "Where:\n\t" - "-e Expected security context.\n\t" + "-e Expected security type.\n\t" "-f Write a line to the file when listening starts.\n\t" "-n Use the /dev/binderfs name service.\n\t" "-m Use BPF map fd for transfer.\n\t" 
@@ -162,23 +162,30 @@ static int binder_parse(int fd, binder_uintptr_t ptr, binder_size_t size) case BR_TRANSACTION_SEC_CTX: { struct binder_transaction_data_secctx *txn_ctx = (struct binder_transaction_data_secctx *)ptr; - if (verbose) { printf("\tclient context:\n\t\t%s\n", (char *)txn_ctx->secctx); print_trans_data(&txn_ctx->transaction_data); } - if (expected_ctx) { - int result = strcmp(expected_ctx, - (char *)txn_ctx->secctx); - if (result) { + if (expected_type) { + context_t ctx = context_new((const char *)txn_ctx->secctx); + + if (!ctx) { + fprintf(stderr, + "Service Provider context_new: %s\n", + strerror(errno)); + exit(82); + } + + if (strcmp(expected_type, context_type_get(ctx))) { fprintf(stderr, "Service Provider received incorrect context:\n"); fprintf(stderr, "Expected: %s\nReceived: %s\n", - expected_ctx, - (char *)txn_ctx->secctx); + expected_type, + context_type_get(ctx)); exit(80); } + context_free(ctx); } if (txn_ctx->transaction_data.code == TEST_SERVICE_SEND_FD) @@ -240,14 +247,14 @@ int main(int argc, char **argv) } __attribute__((packed)) writebuf; unsigned int readbuf[32]; - expected_ctx = NULL; + expected_type = NULL; fd_type = BINDER_FD; fd_type_str = "SP"; while ((opt = getopt(argc, argv, "e:f:nvmpt")) != -1) { switch (opt) { case 'e': - expected_ctx = optarg; + expected_type = optarg; break; case 'f': flag_file = optarg; diff --git a/tests/binder/test b/tests/binder/test index 9914759..95af41a 100755 --- a/tests/binder/test +++ b/tests/binder/test @@ -163,7 +163,7 @@ if ($test_binder_ctx) { $sp_pid = service_start( "service_provider", "-t test_binder_provider_t", - "$n $v -e unconfined_u:unconfined_r:test_binder_client_t:s0-s0:c0.c1023" + "$n $v -e test_binder_client_t" ); # 8 Verify that authorized client and service provider can communicate with the binder service manager. -- 2.37.1
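Review bot: On the mismatch path in the `BR_TRANSACTION_SEC_CTX` case, the message still reads "received incorrect context" but now prints only the two type fields, so a failing run no longer shows the full client context that was delivered with the transaction. Printing the whole string keeps the failure diagnosable, e.g. `"Expected type: %s\nReceived context: %s\n", expected_type, (char *)txn_ctx->secctx`. The comparison itself is now limited to the type field, so a client whose user, role or MLS range differs from what the policy intends will still pass this check. That matches the commit's stated goal, but a short comment above the `strcmp()` such as `/* only the type is compared so the test can run from any caller context */` would record that the narrowing is deliberate; the same applies to the `-e test_binder_client_t` argument in tests/binder/test. binder_parse() starts and ends outside this hunk.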