1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/kernelhwsrv/kerneltest/e32test/secure/t_capsup.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,1735 @@
1.4 +// Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
1.5 +// All rights reserved.
1.6 +// This component and the accompanying materials are made available
1.7 +// under the terms of the License "Eclipse Public License v1.0"
1.8 +// which accompanies this distribution, and is available
1.9 +// at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.10 +//
1.11 +// Initial Contributors:
1.12 +// Nokia Corporation - initial contribution.
1.13 +//
1.14 +// Contributors:
1.15 +//
1.16 +// Description:
1.17 +// e32test\secure\t_capsup.cpp
1.18 +// Overview:
1.19 +// Test support of platform security capabilities.
1.20 +// API Information:
1.21 +// TCapabilitySet, TSecurityInfo, TSecurityPolicy and various other methods.
1.22 +// Details:
1.23 +// - Verify the enumeration of each of the capability names.
1.24 +// - Test the TCapabilitySet class methods by setting and checking various
1.25 +// capabilities. Verify results are as expected.
1.26 +// - Test the TSecurityInfo class methods and verify results.
1.27 +// - Test the RProcess, RThread and RMessage2 SecureId() methods along with
1.28 +// User::CreatorSecureId(). Verify results are as expected.
1.29 +// - Test the RProcess, RThread and RMessage2 VendorId() methods along with
1.30 +// User::CreatorVendorId(). Verify results are as expected.
1.31 +// - Test the RProcess, RThread and RMessage2 HasCapability() methods along
1.32 +// with User::CreatorHasCapability(). Verify results are as expected.
1.33 +// - Test TSecurityPolicy constructors including macros for compile-time
1.34 +// construction. Verify results are as expected.
1.35 +// - Test kernel APIs. Verify results are as expected.
1.36 +// - Test setting KernelConfigFlags. Ensure that, if __PLATSEC_UNLOCKED__
1.37 +// is not set, the PlatSec flags cannot be unset.
1.38 +// - Test the use of platform security diagnostic strings.
1.39 +// Platforms/Drives/Compatibility:
1.40 +// All.
1.41 +// Assumptions/Requirement/Pre-requisites:
1.42 +// Failures and causes:
1.43 +// Base Port information:
1.44 +//
1.45 +//
1.46 +
1.47 +#define __INCLUDE_CAPABILITY_NAMES__
1.48 +#define __E32TEST_EXTENSION__
1.49 +
1.50 +#include <e32cmn.h>
1.51 +#include <e32cmn_private.h>
1.52 +#include <u32exec.h>
1.53 +#include <e32test.h>
1.54 +#include <e32def.h>
1.55 +#include <e32def_private.h>
1.56 +#include "d_sldd.h"
1.57 +
1.58 +TBool PlatSecEnforcement;
1.59 +
1.60 +_LIT_SECURE_ID(KTestSecureId,0x101f534d);
1.61 +_LIT_SECURE_ID(KTestSecureId2,0x101f534e);
1.62 +_LIT_VENDOR_ID(KTestVendorId,0x01234567);
1.63 +_LIT_VENDOR_ID(KTestVendorId2,0x01234568);
1.64 +
1.65 +const TUint32 KTestCapabilities =(1<<ECapabilityTCB)
1.66 + |(1<<ECapabilityPowerMgmt)
1.67 + |(1<<ECapabilityReadDeviceData)
1.68 + |(1<<ECapabilityDRM)
1.69 + |(1<<ECapabilityProtServ)
1.70 + |(1<<ECapabilityNetworkControl)
1.71 + |(1<<ECapabilitySwEvent)
1.72 + |(1<<ECapabilityLocalServices)
1.73 + |(1<<ECapabilityWriteUserData)
1.74 + |(1<<ECapabilitySurroundingsDD);
1.75 +
1.76 +LOCAL_D RTest test(_L("T_CAPSUP"));
1.77 +
1.78 +enum TTestProcessFunctions
1.79 + {
1.80 + ETestProcessServer,
1.81 + };
1.82 +
1.83 +#include "testprocess.h"
1.84 +
1.85 +TInt StartServer();
1.86 +
1.87 +TInt DoTestProcess(TInt aTestNum,TInt aArg1,TInt aArg2)
1.88 + {
1.89 + (void)aArg1;
1.90 + (void)aArg2;
1.91 +
1.92 + switch(aTestNum)
1.93 + {
1.94 +
1.95 + case ETestProcessServer:
1.96 + return StartServer();
1.97 +
1.98 + default:
1.99 + User::Panic(_L("T_CAPSUP"),1);
1.100 + }
1.101 +
1.102 + return KErrNone;
1.103 + }
1.104 +
1.105 +
1.106 +
1.107 +//
1.108 +// RTestThread
1.109 +//
1.110 +
1.111 +class RTestThread : public RThread
1.112 + {
1.113 +public:
1.114 + void Create(TThreadFunction aFunction,TAny* aArg=0);
1.115 + };
1.116 +
1.117 +void RTestThread::Create(TThreadFunction aFunction,TAny* aArg)
1.118 + {
1.119 + TInt r=RThread::Create(_L(""),aFunction,KDefaultStackSize,KDefaultStackSize,KDefaultStackSize,aArg);
1.120 + test(r==KErrNone);
1.121 + }
1.122 +
1.123 +
1.124 +//
1.125 +// CTestSession
1.126 +//
1.127 +
1.128 +class CTestSession : public CSession2
1.129 + {
1.130 +public:
1.131 + enum {EShutdown,
1.132 + ETestProcessSecurityInfo,ETestThreadSecurityInfo,ETestMessageSecurityInfo,ETestCreatorSecurityInfo,
1.133 + ETestProcessSecureId,ETestThreadSecureId,ETestMessageSecureId,ETestCreatorSecureId,
1.134 + ETestProcessVendorId,ETestThreadVendorId,ETestMessageVendorId,ETestCreatorVendorId,
1.135 + ETestProcessHasCapability1,ETestProcessHasCapability2,
1.136 + ETestThreadHasCapability1,ETestThreadHasCapability2,
1.137 + ETestMessageHasCapability1,ETestMessageHasCapability2,
1.138 + ETestMessageHasCapabilityL1,ETestMessageHasCapabilityL2,
1.139 + ETestCreatorHasCapability1,ETestCreatorHasCapability2,
1.140 + ETestSecurityPolicyAgainstMessage,
1.141 + ETestSecurityPolicyAgainstCreator
1.142 + };
1.143 + enum {EPolicyCheckPassed = 15, EPolicyCheckFailed = 16};
1.144 +public:
1.145 + CTestSession();
1.146 + virtual void ServiceL(const RMessage2& aMessage);
1.147 +public:
1.148 + };
1.149 +
1.150 +CTestSession::CTestSession()
1.151 + : CSession2()
1.152 + {}
1.153 +
1.154 +void CTestSession::ServiceL(const RMessage2& aMessage)
1.155 + {
1.156 + const RMessagePtr2 m(aMessage);
1.157 + switch (aMessage.Function())
1.158 + {
1.159 + case CTestSession::ETestProcessSecureId:
1.160 + {
1.161 + RProcess process;
1.162 + TInt r=process.Open(aMessage.Int0());
1.163 + if(r==KErrNone)
1.164 + {
1.165 + r = process.SecureId();
1.166 + process.Close();
1.167 + }
1.168 + else
1.169 + r = KErrGeneral;
1.170 + m.Complete(r);
1.171 + }
1.172 + break;
1.173 +
1.174 + case CTestSession::ETestThreadSecureId:
1.175 + {
1.176 + RThread thread;
1.177 + TInt r=thread.Open(aMessage.Int0());
1.178 + if(r==KErrNone)
1.179 + {
1.180 + r = thread.SecureId();
1.181 + thread.Close();
1.182 + }
1.183 + else
1.184 + r = KErrGeneral;
1.185 + m.Complete(r);
1.186 + }
1.187 + break;
1.188 +
1.189 + case CTestSession::ETestMessageSecureId:
1.190 + {
1.191 + TInt32 id = m.SecureId();
1.192 + m.Complete(id);
1.193 + }
1.194 + break;
1.195 +
1.196 + case CTestSession::ETestCreatorSecureId:
1.197 + {
1.198 + m.Complete(User::CreatorSecureId());
1.199 + }
1.200 + break;
1.201 +
1.202 + case CTestSession::ETestProcessVendorId:
1.203 + {
1.204 + RProcess process;
1.205 + TInt r=process.Open(aMessage.Int0());
1.206 + if(r==KErrNone)
1.207 + {
1.208 + r = process.VendorId();
1.209 + process.Close();
1.210 + }
1.211 + else
1.212 + r = KErrGeneral;
1.213 + m.Complete(r);
1.214 + }
1.215 + break;
1.216 +
1.217 + case CTestSession::ETestThreadVendorId:
1.218 + {
1.219 + RThread thread;
1.220 + TInt r=thread.Open(aMessage.Int0());
1.221 + if(r==KErrNone)
1.222 + {
1.223 + r = thread.VendorId();
1.224 + thread.Close();
1.225 + }
1.226 + else
1.227 + r = KErrGeneral;
1.228 + m.Complete(r);
1.229 + }
1.230 + break;
1.231 +
1.232 + case CTestSession::ETestMessageVendorId:
1.233 + {
1.234 + TInt32 id = m.VendorId();
1.235 + m.Complete(id);
1.236 + }
1.237 + break;
1.238 +
1.239 + case CTestSession::ETestCreatorVendorId:
1.240 + {
1.241 + m.Complete(User::CreatorVendorId());
1.242 + }
1.243 + break;
1.244 +
1.245 + case CTestSession::ETestProcessSecurityInfo:
1.246 + {
1.247 + RProcess process;
1.248 + TInt r=process.Open(aMessage.Int0());
1.249 + if(r==KErrNone)
1.250 + {
1.251 + TSecurityInfo info;
1.252 + info.Set(process);
1.253 + r = m.Write(1,TPtrC8((TUint8*)&info,sizeof(info)));
1.254 + process.Close();
1.255 + }
1.256 + else
1.257 + r = KErrGeneral;
1.258 + m.Complete(r);
1.259 + }
1.260 + break;
1.261 +
1.262 + case CTestSession::ETestThreadSecurityInfo:
1.263 + {
1.264 + RThread thread;
1.265 + TInt r=thread.Open(aMessage.Int0());
1.266 + if(r==KErrNone)
1.267 + {
1.268 + TSecurityInfo info;
1.269 + info.Set(thread);
1.270 + r = m.Write(1,TPtrC8((TUint8*)&info,sizeof(info)));
1.271 + thread.Close();
1.272 + }
1.273 + else
1.274 + r = KErrGeneral;
1.275 + m.Complete(r);
1.276 + }
1.277 + break;
1.278 +
1.279 + case CTestSession::ETestMessageSecurityInfo:
1.280 + {
1.281 + TSecurityInfo info;
1.282 + info.Set(m);
1.283 + TInt r = m.Write(0,TPtrC8((TUint8*)&info,sizeof(info)));
1.284 + m.Complete(r);
1.285 + }
1.286 + break;
1.287 +
1.288 + case CTestSession::ETestCreatorSecurityInfo:
1.289 + {
1.290 + TSecurityInfo info;
1.291 + info.SetToCreatorInfo();
1.292 + TInt r = m.Write(0,TPtrC8((TUint8*)&info,sizeof(info)));
1.293 + m.Complete(r);
1.294 + }
1.295 + break;
1.296 +
1.297 + case CTestSession::ETestProcessHasCapability1:
1.298 + {
1.299 + RProcess process;
1.300 + TInt r=process.Open(aMessage.Int0());
1.301 + if(r==KErrNone)
1.302 + {
1.303 + r = process.HasCapability((TCapability)aMessage.Int1(),__PLATSEC_DIAGNOSTIC_STRING("ETestProcessHasCapability1"));
1.304 + process.Close();
1.305 + }
1.306 + else
1.307 + r = KErrGeneral;
1.308 + m.Complete(r);
1.309 + }
1.310 + break;
1.311 +
1.312 + case CTestSession::ETestProcessHasCapability2:
1.313 + {
1.314 + RProcess process;
1.315 + TInt r=process.Open(aMessage.Int0());
1.316 + if(r==KErrNone)
1.317 + {
1.318 + r = process.HasCapability((TCapability)aMessage.Int1(),(TCapability)aMessage.Int2(),__PLATSEC_DIAGNOSTIC_STRING("ETestProcessHasCapability2"));
1.319 + process.Close();
1.320 + }
1.321 + else
1.322 + r = KErrGeneral;
1.323 + m.Complete(r);
1.324 + }
1.325 + break;
1.326 +
1.327 + case CTestSession::ETestThreadHasCapability1:
1.328 + {
1.329 + RThread thread;
1.330 + TInt r=thread.Open(aMessage.Int0());
1.331 + if(r==KErrNone)
1.332 + {
1.333 + r = thread.HasCapability((TCapability)aMessage.Int1(),__PLATSEC_DIAGNOSTIC_STRING("ETestThreadHasCapability1"));
1.334 + thread.Close();
1.335 + }
1.336 + else
1.337 + r = KErrGeneral;
1.338 + m.Complete(r);
1.339 + }
1.340 + break;
1.341 +
1.342 + case CTestSession::ETestThreadHasCapability2:
1.343 + {
1.344 + RThread thread;
1.345 + TInt r=thread.Open(aMessage.Int0());
1.346 + if(r==KErrNone)
1.347 + {
1.348 + r = thread.HasCapability((TCapability)aMessage.Int1(),(TCapability)aMessage.Int2(),__PLATSEC_DIAGNOSTIC_STRING("ETestThreadHasCapability2"));
1.349 + thread.Close();
1.350 + }
1.351 + else
1.352 + r = KErrGeneral;
1.353 + m.Complete(r);
1.354 + }
1.355 + break;
1.356 +
1.357 + case CTestSession::ETestMessageHasCapability1:
1.358 + {
1.359 + TInt r = m.HasCapability((TCapability)aMessage.Int0(),__PLATSEC_DIAGNOSTIC_STRING("ETestMessageHasCapability1"));
1.360 + m.Complete(r);
1.361 + }
1.362 + break;
1.363 +
1.364 + case CTestSession::ETestMessageHasCapabilityL1:
1.365 + {
1.366 + TRAPD(r,m.HasCapabilityL((TCapability)aMessage.Int0(),__PLATSEC_DIAGNOSTIC_STRING("ETestMessageHasCapabilityL1")))
1.367 + m.Complete(r);
1.368 + }
1.369 + break;
1.370 +
1.371 + case CTestSession::ETestMessageHasCapability2:
1.372 + {
1.373 + TInt r = m.HasCapability((TCapability)aMessage.Int0(),(TCapability)aMessage.Int1(),__PLATSEC_DIAGNOSTIC_STRING("ETestMessageHasCapability2"));
1.374 + m.Complete(r);
1.375 + }
1.376 + break;
1.377 +
1.378 + case CTestSession::ETestMessageHasCapabilityL2:
1.379 + {
1.380 + TRAPD(r,m.HasCapabilityL((TCapability)aMessage.Int0(),(TCapability)aMessage.Int1(),__PLATSEC_DIAGNOSTIC_STRING("ETestMessageHasCapabilityL2")))
1.381 + m.Complete(r);
1.382 + }
1.383 + break;
1.384 +
1.385 + case CTestSession::ETestCreatorHasCapability1:
1.386 + {
1.387 + TInt r = User::CreatorHasCapability((TCapability)aMessage.Int0(),__PLATSEC_DIAGNOSTIC_STRING("ETestCreatorHasCapability1"));
1.388 + m.Complete(r);
1.389 + }
1.390 + break;
1.391 +
1.392 + case CTestSession::ETestCreatorHasCapability2:
1.393 + {
1.394 + TInt r = User::CreatorHasCapability((TCapability)aMessage.Int0(),(TCapability)aMessage.Int1(),__PLATSEC_DIAGNOSTIC_STRING("ETestCreatorHasCapability2"));
1.395 + m.Complete(r);
1.396 + }
1.397 + break;
1.398 +
1.399 + case CTestSession::ETestSecurityPolicyAgainstMessage:
1.400 + {
1.401 + TBuf8<sizeof(TSecurityPolicy)> buf(0);
1.402 + TInt len = m.GetDesLength(0);
1.403 + TInt r = KErrArgument;
1.404 + if(len>0 && len <=buf.MaxSize())
1.405 + {
1.406 + r = m.Read(0, buf, 0);
1.407 + if(r==KErrNone)
1.408 + {
1.409 + TSecurityPolicy policy;
1.410 + r = policy.Set(buf);
1.411 + if(r == KErrNone)
1.412 + {
1.413 + r = policy.CheckPolicy(m, __PLATSEC_DIAGNOSTIC_STRING("Testing message against policy -- sample additional diagnostic."));
1.414 + if(r)
1.415 + r = EPolicyCheckPassed;
1.416 + else
1.417 + r = EPolicyCheckFailed;
1.418 + }
1.419 + }
1.420 + }
1.421 + m.Complete(r);
1.422 + break;
1.423 + }
1.424 +
1.425 + case CTestSession::ETestSecurityPolicyAgainstCreator:
1.426 + {
1.427 + TBuf8<sizeof(TSecurityPolicy)> buf(0);
1.428 + TInt len = m.GetDesLength(0);
1.429 + TInt r = KErrArgument;
1.430 + if(len>0 && len <=buf.MaxSize())
1.431 + {
1.432 + r = m.Read(0, buf, 0);
1.433 + if(r==KErrNone)
1.434 + {
1.435 + TSecurityPolicy policy;
1.436 + r = policy.Set(buf);
1.437 + if(r == KErrNone)
1.438 + {
1.439 + r = policy.CheckPolicyCreator(__PLATSEC_DIAGNOSTIC_STRING("Testing creator against policy -- sample additional diagnostic."));
1.440 + if(r)
1.441 + r = EPolicyCheckPassed;
1.442 + else
1.443 + r = EPolicyCheckFailed;
1.444 + }
1.445 + }
1.446 + }
1.447 + m.Complete(r);
1.448 + break;
1.449 + }
1.450 +
1.451 + case CTestSession::EShutdown:
1.452 + CActiveScheduler::Stop();
1.453 + break;
1.454 +
1.455 + default:
1.456 + m.Complete(KErrNotSupported);
1.457 + break;
1.458 + }
1.459 + }
1.460 +
1.461 +
1.462 +
1.463 +//
1.464 +// CTestServer
1.465 +//
1.466 +
1.467 +class CTestServer : public CServer2
1.468 + {
1.469 +public:
1.470 + CTestServer(TInt aPriority);
1.471 + virtual CSession2* NewSessionL(const TVersion& aVersion,const RMessage2& aMessage) const;
1.472 + };
1.473 +
1.474 +CTestServer::CTestServer(TInt aPriority)
1.475 + : CServer2(aPriority)
1.476 + {
1.477 + }
1.478 +
1.479 +CSession2* CTestServer::NewSessionL(const TVersion& /*aVersion*/,const RMessage2& /*aMessage*/) const
1.480 + {
1.481 + return new (ELeave) CTestSession();
1.482 + }
1.483 +
1.484 +
1.485 +
1.486 +//
1.487 +// CTestActiveScheduler
1.488 +//
1.489 +
1.490 +class CTestActiveScheduler : public CActiveScheduler
1.491 + {
1.492 +public:
1.493 + virtual void Error(TInt anError) const;
1.494 + };
1.495 +
1.496 +void CTestActiveScheduler::Error(TInt anError) const
1.497 + {
1.498 + User::Panic(_L("TestServer Error"),anError);
1.499 + }
1.500 +
1.501 +
1.502 +
1.503 +//
1.504 +// Server thread
1.505 +//
1.506 +
1.507 +_LIT(KServerName,"T_CAPSUP-server");
1.508 +const TInt KServerRendezvous = KRequestPending+1;
1.509 +
1.510 +void DoStartServer()
1.511 + {
1.512 + CTestActiveScheduler* activeScheduler = new (ELeave) CTestActiveScheduler;
1.513 + CActiveScheduler::Install(activeScheduler);
1.514 + CleanupStack::PushL(activeScheduler);
1.515 +
1.516 + CTestServer* server = new (ELeave) CTestServer(0);
1.517 + CleanupStack::PushL(server);
1.518 +
1.519 + User::LeaveIfError(server->Start(KServerName));
1.520 +
1.521 + RProcess::Rendezvous(KServerRendezvous);
1.522 +
1.523 + CActiveScheduler::Start();
1.524 +
1.525 + CleanupStack::PopAndDestroy(2);
1.526 + }
1.527 +
1.528 +TInt StartServer()
1.529 + {
1.530 + CTrapCleanup* cleanupStack = CTrapCleanup::New();
1.531 + if(!cleanupStack)
1.532 + return KErrNoMemory;
1.533 + TRAPD(leaveError,DoStartServer())
1.534 + delete cleanupStack;
1.535 + return leaveError;
1.536 + }
1.537 +
1.538 +
1.539 +
1.540 +//
1.541 +// RTestSession
1.542 +//
1.543 +
1.544 +class RTestSession : public RSessionBase
1.545 + {
1.546 +public:
1.547 + inline TInt Connect()
1.548 + { return CreateSession(KServerName,TVersion());}
1.549 + inline TInt Send(TInt aFunction)
1.550 + { return RSessionBase::SendReceive(aFunction); }
1.551 + inline TInt Send(TInt aFunction,const TIpcArgs& aArgs)
1.552 + { return RSessionBase::SendReceive(aFunction,aArgs); }
1.553 + inline void Send(TInt aFunction,TRequestStatus& aStatus)
1.554 + { RSessionBase::SendReceive(aFunction,aStatus); }
1.555 + inline void Send(TInt aFunction,const TIpcArgs& aArgs,TRequestStatus& aStatus)
1.556 + { RSessionBase::SendReceive(aFunction,aArgs,aStatus); }
1.557 + };
1.558 +
1.559 +
1.560 +
1.561 +RTestSession Session;
1.562 +
1.563 +void CheckCapabilitySetEqual(const TCapabilitySet& a1,const TCapabilitySet& a2)
1.564 + {
1.565 + TInt i;
1.566 + for(i=0; i<ECapability_Limit; i++)
1.567 + test((!a1.HasCapability((TCapability)i))==(!a2.HasCapability((TCapability)i)));
1.568 + }
1.569 +
1.570 +void TestCapabilitySet()
1.571 + {
1.572 + TCapabilitySet s;
1.573 + TCapabilitySet all;
1.574 + TCapabilitySet empty;
1.575 + TInt i,j,k;
1.576 +
1.577 + test.Start(_L("Each test stage also implicity tests HasCapability()"));
1.578 +
1.579 + test.Next(_L("Test SetEmpty()"));
1.580 + memset(&empty,-1,sizeof(empty));
1.581 + empty.SetEmpty();
1.582 + for(i=0; i<ECapability_HardLimit; i++)
1.583 + test(!empty.HasCapability((TCapability)i));
1.584 + // test memory cleared - assumes knowledge of internal representation
1.585 + for(i=0; i<(TInt)sizeof(empty); ++i)
1.586 + test(((TUint8*)&empty)[i] == 0);
1.587 +
1.588 + test.Next(_L("Test SetAllSupported()"));
1.589 + all.SetAllSupported();
1.590 + // This code makes the assumption that there are no gaps in the TCapability enumeration
1.591 + for(i=0; i<ECapability_Limit; i++)
1.592 + test(all.HasCapability((TCapability)i));
1.593 + for(; i<ECapability_HardLimit; i++)
1.594 + test(!all.HasCapability((TCapability)i));
1.595 +
1.596 + test.Next(_L("Test Set(TCapability)"));
1.597 + for(j=-2; j<ECapability_HardLimit; j++)
1.598 + {
1.599 + if(j&1)
1.600 + s.SetAllSupported();
1.601 + else
1.602 + s.SetEmpty();
1.603 + s.Set((TCapability)j);
1.604 + for(i=0; i<=ECapability_HardLimit; i++)
1.605 + {
1.606 + if(i==j)
1.607 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.608 + else
1.609 + test(!s.HasCapability((TCapability)i));
1.610 +
1.611 + }
1.612 + test(!s.HasCapability(ECapability_Denied));
1.613 + test(s.HasCapability(ECapability_None));
1.614 + }
1.615 +
1.616 + test.Next(_L("Test Set(TCapability,TCapability)"));
1.617 + for(k=-2; k<ECapability_HardLimit; k++)
1.618 + {
1.619 + for(j=-2; j<ECapability_HardLimit; j++)
1.620 + {
1.621 + if((j^k)&1)
1.622 + s.SetAllSupported();
1.623 + else
1.624 + s.SetEmpty();
1.625 + s.Set((TCapability)j,(TCapability)k);
1.626 + for(i=0; i<=ECapability_HardLimit; i++)
1.627 + {
1.628 + if(i==j || i==k)
1.629 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.630 + else
1.631 + test(!s.HasCapability((TCapability)i));
1.632 +
1.633 + }
1.634 + test(!s.HasCapability(ECapability_Denied));
1.635 + test(s.HasCapability(ECapability_None));
1.636 + }
1.637 + }
1.638 +
1.639 + test.Next(_L("Test TCapability(TCapability)"));
1.640 + for(j=-2; j<ECapability_HardLimit; j++)
1.641 + {
1.642 + TCapabilitySet t((TCapability)j);
1.643 + for(i=0; i<=ECapability_HardLimit; i++)
1.644 + {
1.645 + if(i==j)
1.646 + test(!t.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.647 + else
1.648 + test(!t.HasCapability((TCapability)i));
1.649 +
1.650 + }
1.651 + test(!s.HasCapability(ECapability_Denied));
1.652 + test(s.HasCapability(ECapability_None));
1.653 + }
1.654 +
1.655 + test.Next(_L("Test TCapability(TCapability,TCapability)"));
1.656 + for(k=-2; k<ECapability_HardLimit; k++)
1.657 + {
1.658 + for(j=-2; j<ECapability_HardLimit; j++)
1.659 + {
1.660 + TCapabilitySet t((TCapability)j,(TCapability)k);
1.661 + for(i=0; i<=ECapability_HardLimit; i++)
1.662 + {
1.663 + if(i==j || i==k)
1.664 + test(!t.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.665 + else
1.666 + test(!t.HasCapability((TCapability)i));
1.667 +
1.668 + }
1.669 + test(!s.HasCapability(ECapability_Denied));
1.670 + test(s.HasCapability(ECapability_None));
1.671 + }
1.672 + }
1.673 +
1.674 + test.Next(_L("Test AddCapability(TCapability)"));
1.675 + s.SetEmpty();
1.676 + for(j=-2; j<ECapability_HardLimit; j++) // Add each capability in sequence
1.677 + {
1.678 + s.AddCapability((TCapability)j);
1.679 + for(i=0; i<=j; i++)
1.680 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.681 + for(; i<ECapability_HardLimit; i++)
1.682 + test(!s.HasCapability((TCapability)i));
1.683 + test(!s.HasCapability(ECapability_Denied));
1.684 + test(s.HasCapability(ECapability_None));
1.685 + }
1.686 + s.SetEmpty();
1.687 + for(j=ECapability_HardLimit-1; j>=-2; j--) // Add each capability in reverse sequence
1.688 + {
1.689 + s.AddCapability((TCapability)j);
1.690 + for(i=ECapability_HardLimit-1; i>=j && i>=0; i--)
1.691 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.692 + for(; i>=0; i--)
1.693 + test(!s.HasCapability((TCapability)i));
1.694 + test(!s.HasCapability(ECapability_Denied));
1.695 + test(s.HasCapability(ECapability_None));
1.696 + }
1.697 +
1.698 + test.Next(_L("Test RemoveCapability(TCapability)"));
1.699 + s.SetAllSupported();
1.700 + for(j=-2; j<ECapability_HardLimit; j++) // Remove each capability in sequence
1.701 + {
1.702 + s.RemoveCapability((TCapability)j);
1.703 + for(i=0; i<=j; i++)
1.704 + test(!s.HasCapability((TCapability)i));
1.705 + for(; i<ECapability_HardLimit; i++)
1.706 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.707 + test(!s.HasCapability(ECapability_Denied));
1.708 + test(s.HasCapability(ECapability_None));
1.709 + }
1.710 + s.SetAllSupported();
1.711 + for(j=ECapability_HardLimit-1; j>=-2; j--) // Remove each capability reverse sequence
1.712 + {
1.713 + s.RemoveCapability((TCapability)j);
1.714 + for(i=ECapability_HardLimit-1; i>=j && i >=0; i--)
1.715 + test(!s.HasCapability((TCapability)i));
1.716 + for(; i>=0; i--)
1.717 + test(!s.HasCapability((TCapability)i) == !all.HasCapability((TCapability)i)); // Should have capability (if in set of All capabilities)
1.718 + test(!s.HasCapability(ECapability_Denied));
1.719 + test(s.HasCapability(ECapability_None));
1.720 + }
1.721 +
1.722 + test.Next(_L("Building test sets"));
1.723 + TCapabilitySet even;
1.724 + even.SetEmpty();
1.725 + for(i=0; i<ECapability_Limit; i+=2) even.AddCapability((TCapability)i);
1.726 + TCapabilitySet odd;
1.727 + odd.SetEmpty();
1.728 + for(i=1; i<ECapability_Limit; i+=2) odd.AddCapability((TCapability)i);
1.729 +
1.730 + test.Next(_L("Test Union(TCapabilitySet)"));
1.731 + s.SetEmpty();
1.732 + CheckCapabilitySetEqual(s,empty);
1.733 + s.Union(odd);
1.734 + CheckCapabilitySetEqual(s,odd);
1.735 + s.Union(odd);
1.736 + CheckCapabilitySetEqual(s,odd);
1.737 + s.Union(empty);
1.738 + CheckCapabilitySetEqual(s,odd);
1.739 + s.Union(even);
1.740 + CheckCapabilitySetEqual(s,all);
1.741 + s.Union(even);
1.742 + CheckCapabilitySetEqual(s,all);
1.743 + s.SetEmpty();
1.744 + CheckCapabilitySetEqual(s,empty);
1.745 + s.Union(even);
1.746 + CheckCapabilitySetEqual(s,even);
1.747 + s.Union(even);
1.748 + CheckCapabilitySetEqual(s,even);
1.749 + s.Union(empty);
1.750 + CheckCapabilitySetEqual(s,even);
1.751 + s.Union(odd);
1.752 + CheckCapabilitySetEqual(s,all);
1.753 + s.Union(odd);
1.754 + CheckCapabilitySetEqual(s,all);
1.755 +
1.756 + test.Next(_L("Test Intersection(TCapabilitySet)"));
1.757 + s.SetAllSupported();
1.758 + CheckCapabilitySetEqual(s,all);
1.759 + s.Intersection(odd);
1.760 + CheckCapabilitySetEqual(s,odd);
1.761 + s.Intersection(odd);
1.762 + CheckCapabilitySetEqual(s,odd);
1.763 + s.Intersection(even);
1.764 + CheckCapabilitySetEqual(s,empty);
1.765 + s.Intersection(even);
1.766 + CheckCapabilitySetEqual(s,empty);
1.767 + s.SetAllSupported();
1.768 + CheckCapabilitySetEqual(s,all);
1.769 + s.Intersection(even);
1.770 + CheckCapabilitySetEqual(s,even);
1.771 + s.Intersection(even);
1.772 + CheckCapabilitySetEqual(s,even);
1.773 + s.Intersection(odd);
1.774 + CheckCapabilitySetEqual(s,empty);
1.775 + s.Intersection(odd);
1.776 + CheckCapabilitySetEqual(s,empty);
1.777 +
1.778 + test.Next(_L("Test Remove(TCapabilitySet)"));
1.779 + s.SetAllSupported();
1.780 + CheckCapabilitySetEqual(s,all);
1.781 + s.Remove(odd);
1.782 + CheckCapabilitySetEqual(s,even);
1.783 + s.Remove(odd);
1.784 + CheckCapabilitySetEqual(s,even);
1.785 + s.Remove(empty);
1.786 + CheckCapabilitySetEqual(s,even);
1.787 + s.Remove(even);
1.788 + CheckCapabilitySetEqual(s,empty);
1.789 + s.Remove(even);
1.790 + CheckCapabilitySetEqual(s,empty);
1.791 + s.SetAllSupported();
1.792 + CheckCapabilitySetEqual(s,all);
1.793 + s.Remove(even);
1.794 + CheckCapabilitySetEqual(s,odd);
1.795 + s.Remove(even);
1.796 + CheckCapabilitySetEqual(s,odd);
1.797 + s.Remove(empty);
1.798 + CheckCapabilitySetEqual(s,odd);
1.799 + s.Remove(odd);
1.800 + CheckCapabilitySetEqual(s,empty);
1.801 + s.Remove(odd);
1.802 + CheckCapabilitySetEqual(s,empty);
1.803 +
1.804 + test.Next(_L("Test HasCapabilities(TCapabilitySet)"));
1.805 + for(i=0; i<ECapability_Limit; i++)
1.806 + {
1.807 + if(!all.HasCapability((TCapability)i))
1.808 + continue;
1.809 + TCapabilitySet t((TCapability)i);
1.810 + test(t.HasCapabilities(t));
1.811 + test(all.HasCapabilities(t));
1.812 + test(!empty.HasCapabilities(t));
1.813 + if(i&1)
1.814 + {
1.815 + test(odd.HasCapabilities(t));
1.816 + test(!even.HasCapabilities(t));
1.817 + }
1.818 + else
1.819 + {
1.820 + test(!odd.HasCapabilities(t));
1.821 + test(even.HasCapabilities(t));
1.822 + }
1.823 + test(!t.HasCapabilities(all));
1.824 + test(!t.HasCapabilities(even));
1.825 + test(!t.HasCapabilities(odd));
1.826 + test(t.HasCapabilities(empty));
1.827 + }
1.828 +
1.829 + test(all.HasCapabilities(all));
1.830 + test(all.HasCapabilities(even));
1.831 + test(all.HasCapabilities(odd));
1.832 + test(all.HasCapabilities(empty));
1.833 +
1.834 + test(!even.HasCapabilities(all));
1.835 + test(even.HasCapabilities(even));
1.836 + test(!even.HasCapabilities(odd));
1.837 + test(even.HasCapabilities(empty));
1.838 +
1.839 + test(!odd.HasCapabilities(all));
1.840 + test(!odd.HasCapabilities(even));
1.841 + test(odd.HasCapabilities(odd));
1.842 + test(odd.HasCapabilities(empty));
1.843 +
1.844 + test(!empty.HasCapabilities(all));
1.845 + test(!empty.HasCapabilities(even));
1.846 + test(!empty.HasCapabilities(odd));
1.847 + test(empty.HasCapabilities(empty));
1.848 +
1.849 + test.End();
1.850 + }
1.851 +
1.852 +void CheckSecurityInfo(const TSecurityInfo& a1,const TSecurityInfo& a2)
1.853 + {
1.854 + test(a1.iSecureId==a2.iSecureId);
1.855 + test(a1.iVendorId==a2.iVendorId);
1.856 + TInt i;
1.857 + for(i=0; i<ECapability_Limit; i++)
1.858 + test((!a1.iCaps.HasCapability((TCapability)i))==(!a2.iCaps.HasCapability((TCapability)i)));
1.859 + }
1.860 +
1.861 +void TestSecurityInfo()
1.862 + {
1.863 + TSecurityInfo self;
1.864 + TSecurityInfo info;
1.865 + TPckg<TSecurityInfo> infoPtr(info);
1.866 + TInt i;
1.867 +
1.868 + test.Start(_L("Test TSecurityInfo::SetToCurrentInfo"));
1.869 + self.SetToCurrentInfo();
1.870 + test(self.iSecureId==KTestSecureId);
1.871 + test(self.iVendorId==KTestVendorId);
1.872 + for(i=0; i<ECapability_Limit; i++)
1.873 + test((TUint32)(self.iCaps.HasCapability((TCapability)i)!=0)==((KTestCapabilities>>i)&1));
1.874 +
1.875 + test.Next(_L("Test TSecurityInfo::Set(RProcess)"));
1.876 + Mem::FillZ(&info,sizeof(info));
1.877 + TInt32 r = Session.Send(CTestSession::ETestProcessSecurityInfo,TIpcArgs(TUint(RProcess().Id()),&infoPtr));
1.878 + test(r==KErrNone);
1.879 + CheckSecurityInfo(self,info);
1.880 +
1.881 + test.Next(_L("Test TSecurityInfo::Set(RThread)"));
1.882 + Mem::FillZ(&info,sizeof(info));
1.883 + r = Session.Send(CTestSession::ETestThreadSecurityInfo,TIpcArgs(TUint(RThread().Id()),&infoPtr));
1.884 + test(r==KErrNone);
1.885 + CheckSecurityInfo(self,info);
1.886 +
1.887 + test.Next(_L("Test TSecurityInfo::Set(RMessagePtr2)"));
1.888 + Mem::FillZ(&info,sizeof(info));
1.889 + r = Session.Send(CTestSession::ETestMessageSecurityInfo,TIpcArgs(&infoPtr));
1.890 + test(r==KErrNone);
1.891 + CheckSecurityInfo(self,info);
1.892 +
1.893 + test.Next(_L("Test TSecurityInfo::SetToCreatorInfo"));
1.894 + Mem::FillZ(&info,sizeof(info));
1.895 + r = Session.Send(CTestSession::ETestCreatorSecurityInfo,TIpcArgs(&infoPtr));
1.896 + test(r==KErrNone);
1.897 + CheckSecurityInfo(self,info);
1.898 +
1.899 + test.End();
1.900 + }
1.901 +
1.902 +void TestSecureId()
1.903 + {
1.904 + test.Start(_L("Test RProcess::SecureId()"));
1.905 + TInt r = Session.Send(CTestSession::ETestProcessSecureId,TIpcArgs(TUint(RProcess().Id())));
1.906 + test((TUint32)r==KTestSecureId);
1.907 +
1.908 + test.Next(_L("Test RThread::SecureId()"));
1.909 + r = Session.Send(CTestSession::ETestThreadSecureId,TIpcArgs(TUint(RThread().Id())));
1.910 + test((TUint32)r==KTestSecureId);
1.911 +
1.912 + test.Next(_L("Test RMessage2::SecureId()"));
1.913 + r = Session.Send(CTestSession::ETestMessageSecureId);
1.914 + test((TUint32)r==KTestSecureId);
1.915 +
1.916 + test.Next(_L("Test User::CreatorSecureId()"));
1.917 + r = Session.Send(CTestSession::ETestCreatorSecureId);
1.918 + test((TUint32)r==KTestSecureId);
1.919 +
1.920 + test.End();
1.921 + }
1.922 +
1.923 +void TestVendorId()
1.924 + {
1.925 + test.Start(_L("Test RProcess::VendorId()"));
1.926 + TInt r = Session.Send(CTestSession::ETestProcessVendorId,TIpcArgs(TUint(RProcess().Id())));
1.927 + test((TUint32)r==KTestVendorId);
1.928 +
1.929 + test.Next(_L("Test RThread::VendorId()"));
1.930 + r = Session.Send(CTestSession::ETestThreadVendorId,TIpcArgs(TUint(RThread().Id())));
1.931 + test((TUint32)r==KTestVendorId);
1.932 +
1.933 + test.Next(_L("Test RMessage2::VendorId()"));
1.934 + r = Session.Send(CTestSession::ETestMessageVendorId);
1.935 + test((TUint32)r==KTestVendorId);
1.936 +
1.937 + test.Next(_L("Test User::CreatorVendorId()"));
1.938 + r = Session.Send(CTestSession::ETestCreatorVendorId);
1.939 + test((TUint32)r==KTestVendorId);
1.940 +
1.941 + test.End();
1.942 + }
1.943 +
1.944 +void TestHasCapability()
1.945 + {
1.946 + TInt failResult=PlatSecEnforcement ? 0 : 1;
1.947 + TInt failResultL=PlatSecEnforcement ? KErrPermissionDenied : KErrNone;
1.948 +
1.949 + test.Start(_L("Test RProcess::HasCapability(TCapability)"));
1.950 + TInt r = Session.Send(CTestSession::ETestProcessHasCapability1,TIpcArgs(TUint(RProcess().Id()),ECapabilityLocalServices));
1.951 + test(r);
1.952 + r = Session.Send(CTestSession::ETestProcessHasCapability1,TIpcArgs(TUint(RProcess().Id()),ECapabilityNetworkServices));
1.953 + test(r==failResult);
1.954 + r = Session.Send(CTestSession::ETestProcessHasCapability1,TIpcArgs(TUint(RProcess().Id()),ECapability_None));
1.955 + test(r);
1.956 + r = Session.Send(CTestSession::ETestProcessHasCapability1,TIpcArgs(TUint(RProcess().Id()),ECapability_Denied));
1.957 + test(r==failResult);
1.958 +
1.959 + test.Next(_L("Test RProcess::HasCapability(TCapability,TCapability)"));
1.960 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapabilityLocalServices,ECapabilityWriteUserData));
1.961 + test(r);
1.962 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapabilityNetworkServices,ECapabilityWriteUserData));
1.963 + test(r==failResult);
1.964 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapabilityLocalServices,ECapabilityReadUserData));
1.965 + test(r==failResult);
1.966 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapabilityNetworkServices,ECapabilityReadUserData));
1.967 + test(r==failResult);
1.968 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapability_None,ECapabilityWriteUserData));
1.969 + test(r);
1.970 + r = Session.Send(CTestSession::ETestProcessHasCapability2,TIpcArgs(TUint(RProcess().Id()),ECapability_Denied,ECapabilityWriteUserData));
1.971 + test(r==failResult);
1.972 +
1.973 + test.Next(_L("Test RThread::HasCapability(TCapability)"));
1.974 + r = Session.Send(CTestSession::ETestThreadHasCapability1,TIpcArgs(TUint(RThread().Id()),ECapabilityLocalServices));
1.975 + test(r);
1.976 + r = Session.Send(CTestSession::ETestThreadHasCapability1,TIpcArgs(TUint(RThread().Id()),ECapabilityNetworkServices));
1.977 + test(r==failResult);
1.978 + r = Session.Send(CTestSession::ETestThreadHasCapability1,TIpcArgs(TUint(RThread().Id()),ECapability_None));
1.979 + test(r);
1.980 + r = Session.Send(CTestSession::ETestThreadHasCapability1,TIpcArgs(TUint(RThread().Id()),ECapability_Denied));
1.981 + test(r==failResult);
1.982 +
1.983 + test.Next(_L("Test RThread::HasCapability(TCapability,TCapability)"));
1.984 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapabilityLocalServices,ECapabilityWriteUserData));
1.985 + test(r);
1.986 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapabilityNetworkServices,ECapabilityWriteUserData));
1.987 + test(r==failResult);
1.988 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapabilityLocalServices,ECapabilityReadUserData));
1.989 + test(r==failResult);
1.990 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapabilityNetworkServices,ECapabilityReadUserData));
1.991 + test(r==failResult);
1.992 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapability_None,ECapabilityWriteUserData));
1.993 + test(r);
1.994 + r = Session.Send(CTestSession::ETestThreadHasCapability2,TIpcArgs(TUint(RThread().Id()),ECapability_Denied,ECapabilityWriteUserData));
1.995 + test(r==failResult);
1.996 +
1.997 + test.Next(_L("Test RMessagePtr2::HasCapability(TCapability)"));
1.998 + r = Session.Send(CTestSession::ETestMessageHasCapability1,TIpcArgs(ECapabilityLocalServices));
1.999 + test(r);
1.1000 + r = Session.Send(CTestSession::ETestMessageHasCapability1,TIpcArgs(ECapabilityNetworkServices));
1.1001 + test(r==failResult);
1.1002 + r = Session.Send(CTestSession::ETestMessageHasCapability1,TIpcArgs(ECapability_None));
1.1003 + test(r);
1.1004 + r = Session.Send(CTestSession::ETestMessageHasCapability1,TIpcArgs(ECapability_Denied));
1.1005 + test(r==failResult);
1.1006 +
1.1007 + test.Next(_L("Test RMessagePtr2::HasCapabilityL(TCapability)"));
1.1008 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL1,TIpcArgs(ECapabilityLocalServices));
1.1009 + test(r==KErrNone);
1.1010 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL1,TIpcArgs(ECapabilityNetworkServices));
1.1011 + test(r==failResultL);
1.1012 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL1,TIpcArgs(ECapability_None));
1.1013 + test(r==KErrNone);
1.1014 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL1,TIpcArgs(ECapability_Denied));
1.1015 + test(r==failResultL);
1.1016 +
1.1017 + test.Next(_L("Test RMessagePtr2::HasCapability(TCapability,TCapability)"));
1.1018 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapabilityLocalServices,ECapabilityWriteUserData));
1.1019 + test(r);
1.1020 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapabilityNetworkServices,ECapabilityWriteUserData));
1.1021 + test(r==failResult);
1.1022 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapabilityLocalServices,ECapabilityReadUserData));
1.1023 + test(r==failResult);
1.1024 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapabilityNetworkServices,ECapabilityReadUserData));
1.1025 + test(r==failResult);
1.1026 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapability_None,ECapabilityWriteUserData));
1.1027 + test(r);
1.1028 + r = Session.Send(CTestSession::ETestMessageHasCapability2,TIpcArgs(ECapability_Denied,ECapabilityWriteUserData));
1.1029 + test(r==failResult);
1.1030 +
1.1031 + test.Next(_L("Test RMessagePtr2::HasCapabilityL(TCapability,TCapability)"));
1.1032 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapabilityLocalServices,ECapabilityWriteUserData));
1.1033 + test(r==KErrNone);
1.1034 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapabilityNetworkServices,ECapabilityWriteUserData));
1.1035 + test(r==failResultL);
1.1036 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapabilityLocalServices,ECapabilityReadUserData));
1.1037 + test(r==failResultL);
1.1038 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapabilityNetworkServices,ECapabilityReadUserData));
1.1039 + test(r==failResultL);
1.1040 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapability_None,ECapabilityWriteUserData));
1.1041 + test(r==KErrNone);
1.1042 + r = Session.Send(CTestSession::ETestMessageHasCapabilityL2,TIpcArgs(ECapability_Denied,ECapabilityWriteUserData));
1.1043 + test(r==failResultL);
1.1044 +
1.1045 + test.Next(_L("Test User::CreatorHasCapability(TCapability)"));
1.1046 + r = Session.Send(CTestSession::ETestCreatorHasCapability1,TIpcArgs(ECapabilityLocalServices));
1.1047 + test(r);
1.1048 + r = Session.Send(CTestSession::ETestCreatorHasCapability1,TIpcArgs(ECapabilityNetworkServices));
1.1049 + test(r==failResult);
1.1050 + r = Session.Send(CTestSession::ETestCreatorHasCapability1,TIpcArgs(ECapability_None));
1.1051 + test(r);
1.1052 + r = Session.Send(CTestSession::ETestCreatorHasCapability1,TIpcArgs(ECapability_Denied));
1.1053 + test(r==failResult);
1.1054 +
1.1055 + test.Next(_L("Test User::CreatorHasCapability(TCapability,TCapability)"));
1.1056 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapabilityLocalServices,ECapabilityWriteUserData));
1.1057 + test(r);
1.1058 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapabilityNetworkServices,ECapabilityWriteUserData));
1.1059 + test(r==failResult);
1.1060 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapabilityLocalServices,ECapabilityReadUserData));
1.1061 + test(r==failResult);
1.1062 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapabilityNetworkServices,ECapabilityReadUserData));
1.1063 + test(r==failResult);
1.1064 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapability_None,ECapabilityWriteUserData));
1.1065 + test(r);
1.1066 + r = Session.Send(CTestSession::ETestCreatorHasCapability2,TIpcArgs(ECapability_Denied,ECapabilityWriteUserData));
1.1067 + test(r==failResult);
1.1068 +
1.1069 + test.End();
1.1070 + }
1.1071 +
1.1072 +TBool SecurityPoliciesEqual(const TSecurityPolicy& a,const TSecurityPolicy& b)
1.1073 + {
1.1074 + return Mem::Compare((TUint8*)&a, sizeof(TSecurityPolicy), (TUint8*)&b, sizeof(TSecurityPolicy))==0;
1.1075 + }
1.1076 +
1.1077 +void TestSecurityPolicy()
1.1078 + {
1.1079 + test.Start(_L("Test TSecurityPolicy Constructors"));
1.1080 +
1.1081 + TBool failResult=!PlatSecEnforcement;
1.1082 +
1.1083 + test.Next(_L("Empty Constructor"));
1.1084 + {
1.1085 + TSecurityPolicy empty;
1.1086 + TPtrC8 ptr = empty.Package();
1.1087 + TSecurityPolicy empty2;
1.1088 + test(empty2.Set(ptr) == KErrNone);
1.1089 + test(SecurityPoliciesEqual(empty, empty2));
1.1090 +
1.1091 + test(failResult!=!empty.CheckPolicy(RProcess()));
1.1092 + test(failResult!=!empty.CheckPolicy(RThread()));
1.1093 + test(failResult!=!empty2.CheckPolicy(RProcess()));
1.1094 + test(failResult!=!empty2.CheckPolicy(RThread()));
1.1095 +
1.1096 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1097 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1098 +
1.1099 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1100 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1101 + }
1.1102 +
1.1103 + test.Next(_L("Always Fail Constructor"));
1.1104 + {
1.1105 + TSecurityPolicy fail(TSecurityPolicy::EAlwaysFail);
1.1106 + TPtrC8 ptr = fail.Package();
1.1107 + TSecurityPolicy fail2;
1.1108 + test(fail2.Set(ptr) == KErrNone);
1.1109 + test(SecurityPoliciesEqual(fail, fail2));
1.1110 +
1.1111 + test(failResult!=!fail.CheckPolicy(RProcess()));
1.1112 + test(failResult!=!fail.CheckPolicy(RThread()));
1.1113 + test(failResult!=!fail2.CheckPolicy(RProcess()));
1.1114 + test(failResult!=!fail2.CheckPolicy(RThread()));
1.1115 +
1.1116 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1117 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1118 +
1.1119 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1120 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1121 + }
1.1122 +
1.1123 + test.Next(_L("Always Pass Constructor"));
1.1124 + {
1.1125 + TSecurityPolicy pass(TSecurityPolicy::EAlwaysPass);
1.1126 + TPtrC8 ptr = pass.Package();
1.1127 + TSecurityPolicy pass2;
1.1128 + test(pass2.Set(ptr) == KErrNone);
1.1129 + test(SecurityPoliciesEqual(pass, pass2));
1.1130 +
1.1131 + test(pass.CheckPolicy(RProcess()));
1.1132 + test(pass.CheckPolicy(RThread()));
1.1133 + test(pass2.CheckPolicy(RProcess()));
1.1134 + test(pass2.CheckPolicy(RThread()));
1.1135 +
1.1136 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1137 + test(r==CTestSession::EPolicyCheckPassed);
1.1138 +
1.1139 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1140 + test(r==CTestSession::EPolicyCheckPassed);
1.1141 + }
1.1142 +
1.1143 + test.Next(_L("3 Capability Constructor"));
1.1144 + {
1.1145 + TSecurityPolicy threeCaps(ECapabilityTCB,ECapabilityDRM,ECapabilityProtServ);
1.1146 + //Current process has these three
1.1147 + test(threeCaps.CheckPolicy(RProcess()));
1.1148 + test(threeCaps.CheckPolicy(RThread()));
1.1149 + TPtrC8 ptr = threeCaps.Package();
1.1150 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1151 + test(r==CTestSession::EPolicyCheckPassed);
1.1152 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1153 + test(r==CTestSession::EPolicyCheckPassed);
1.1154 + }
1.1155 +
1.1156 + {
1.1157 + TSecurityPolicy threeCaps(ECapabilityTCB,ECapabilityProtServ,ECapabilityCommDD);
1.1158 + //Current process doesn't have ECapabilityCommDD
1.1159 + test(failResult!=!(threeCaps.CheckPolicy(RProcess())));
1.1160 + test(failResult!=!(threeCaps.CheckPolicy(RThread())));
1.1161 + TPtrC8 ptr = threeCaps.Package();
1.1162 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1163 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1164 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1165 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1166 + }
1.1167 +
1.1168 + {
1.1169 + TSecurityPolicy threeCaps(ECapabilityCommDD);
1.1170 + //Current process doesn't have ECapabilityCommDD
1.1171 + test(failResult!=!(threeCaps.CheckPolicy(RProcess())));
1.1172 + test(failResult!=!(threeCaps.CheckPolicy(RThread())));
1.1173 + TPtrC8 ptr = threeCaps.Package();
1.1174 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1175 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1176 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1177 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1178 + }
1.1179 +
1.1180 + {
1.1181 + TSecurityPolicy threeCaps(ECapabilityTCB);
1.1182 + //Current process has TCB + 2 * ECapability_None
1.1183 + test(threeCaps.CheckPolicy(RProcess()));
1.1184 + test(threeCaps.CheckPolicy(RThread()));
1.1185 +
1.1186 + TPtrC8 ptr = threeCaps.Package();
1.1187 + TSecurityPolicy threeCaps2;
1.1188 + TBuf8<sizeof(TSecurityPolicy)> invalid;
1.1189 + for(TInt i=4; i<=7; i++)
1.1190 + {
1.1191 + invalid=ptr;
1.1192 + invalid[i] = 0; // Set unused capability to be invalid
1.1193 + test(threeCaps2.Set(invalid)==KErrArgument);
1.1194 + }
1.1195 + test(threeCaps2.Set(ptr)==KErrNone);
1.1196 + test(SecurityPoliciesEqual(threeCaps, threeCaps2));
1.1197 +
1.1198 + test(threeCaps2.CheckPolicy(RProcess()));
1.1199 + test(threeCaps2.CheckPolicy(RThread()));
1.1200 +
1.1201 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1202 + test(r==CTestSession::EPolicyCheckPassed);
1.1203 +
1.1204 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1205 + test(r==CTestSession::EPolicyCheckPassed);
1.1206 + }
1.1207 +
1.1208 + test.Next(_L("7 Capability Constructor"));
1.1209 + {
1.1210 + TSecurityPolicy sevenCaps(ECapabilityTCB,ECapabilityWriteUserData,ECapabilitySwEvent,ECapabilityProtServ,ECapabilityNetworkControl,ECapabilityDRM,ECapabilityReadDeviceData);
1.1211 + //Current process has all 7 of these.
1.1212 + test(sevenCaps.CheckPolicy(RProcess()));
1.1213 + test(sevenCaps.CheckPolicy(RThread()));
1.1214 + TPtrC8 ptr = sevenCaps.Package();
1.1215 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1216 + test(r==CTestSession::EPolicyCheckPassed);
1.1217 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1218 + test(r==CTestSession::EPolicyCheckPassed);
1.1219 + }
1.1220 +
1.1221 + {
1.1222 + TSecurityPolicy sevenCaps(ECapabilityTCB,ECapabilityWriteUserData,ECapabilityMultimediaDD,ECapabilityProtServ,ECapabilityNetworkControl,ECapabilityDRM,ECapabilityReadDeviceData);
1.1223 + //Current process doesn't have MultimediaDD
1.1224 + test(failResult!=!(sevenCaps.CheckPolicy(RProcess())));
1.1225 + test(failResult!=!(sevenCaps.CheckPolicy(RThread())));
1.1226 + TPtrC8 ptr = sevenCaps.Package();
1.1227 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1228 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1229 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1230 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1231 + }
1.1232 +
1.1233 + {
1.1234 + TSecurityPolicy sevenCaps(ECapabilityTCB,ECapabilityWriteUserData,ECapabilityMultimediaDD,ECapabilityProtServ,ECapabilityTrustedUI,ECapabilityDRM,ECapabilityReadDeviceData);
1.1235 + //Current process doesn't have MultiMediaDD or TrustedUI
1.1236 + test(failResult!=!(sevenCaps.CheckPolicy(RProcess())));
1.1237 + test(failResult!=!(sevenCaps.CheckPolicy(RThread())));
1.1238 +
1.1239 + TPtrC8 ptr = sevenCaps.Package();
1.1240 + TSecurityPolicy sevenCaps2;
1.1241 + test(sevenCaps2.Set(ptr)==KErrNone);
1.1242 + test(SecurityPoliciesEqual(sevenCaps,sevenCaps2));
1.1243 + test(failResult!=!(sevenCaps2.CheckPolicy(RProcess())));
1.1244 + test(failResult!=!(sevenCaps2.CheckPolicy(RThread())));
1.1245 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1246 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);;
1.1247 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1248 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);;
1.1249 + }
1.1250 +
1.1251 + test.Next(_L("SID + 3 constructor"));
1.1252 + {
1.1253 + TSecurityPolicy sid(KTestSecureId, ECapabilityProtServ, ECapabilityDRM, ECapabilityReadDeviceData);
1.1254 + //Current process has all three + sid
1.1255 + test(sid.CheckPolicy(RProcess()));
1.1256 + test(sid.CheckPolicy(RThread()));
1.1257 +
1.1258 + TPtrC8 ptr = sid.Package();
1.1259 + TSecurityPolicy sid2;
1.1260 + test(sid2.Set(ptr)==KErrNone);
1.1261 + test(SecurityPoliciesEqual(sid,sid2));
1.1262 + test(sid2.CheckPolicy(RProcess()));
1.1263 + test(sid2.CheckPolicy(RThread()));
1.1264 +
1.1265 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1266 + test(r==CTestSession::EPolicyCheckPassed);
1.1267 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1268 + test(r==CTestSession::EPolicyCheckPassed);
1.1269 + }
1.1270 +
1.1271 + {
1.1272 + TSecurityPolicy sid(KTestSecureId2, ECapabilityProtServ, ECapabilityDRM, ECapabilityReadDeviceData);
1.1273 + //Current process has all three caps but not sid
1.1274 + test(failResult!=!(sid.CheckPolicy(RProcess())));
1.1275 + test(failResult!=!(sid.CheckPolicy(RThread())));
1.1276 + TPtrC8 ptr = sid.Package();
1.1277 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1278 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1279 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1280 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1281 + }
1.1282 +
1.1283 + {
1.1284 + TSecurityPolicy sid(KTestSecureId, ECapabilityProtServ, ECapabilityWriteDeviceData);
1.1285 + //Current process has sid but missing ECapabilityWriteDeviceData
1.1286 + test(failResult!=!(sid.CheckPolicy(RProcess())));
1.1287 + test(failResult!=!(sid.CheckPolicy(RThread())));
1.1288 + TPtrC8 ptr = sid.Package();
1.1289 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1290 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1291 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1292 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1293 + }
1.1294 +
1.1295 + {
1.1296 + TSecurityPolicy sid(KTestSecureId2, ECapabilityProtServ, ECapabilityWriteDeviceData);
1.1297 + //Current process is missing sid and ECapabilityWriteDeviceData
1.1298 + test(failResult!=!(sid.CheckPolicy(RProcess())));
1.1299 + test(failResult!=!(sid.CheckPolicy(RThread())));
1.1300 + TPtrC8 ptr = sid.Package();
1.1301 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1302 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1303 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1304 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1305 + }
1.1306 +
1.1307 + test.Next(_L("VID + 3 constructor"));
1.1308 + {
1.1309 + TSecurityPolicy vid(KTestVendorId, ECapabilityProtServ, ECapabilityDRM, ECapabilityReadDeviceData);
1.1310 + //Current process has all three + vid
1.1311 + test(vid.CheckPolicy(RProcess()));
1.1312 + test(vid.CheckPolicy(RThread()));
1.1313 +
1.1314 + TPtrC8 ptr = vid.Package();
1.1315 + TSecurityPolicy vid2;
1.1316 + test(vid2.Set(ptr)==KErrNone);
1.1317 + test(SecurityPoliciesEqual(vid,vid2));
1.1318 + test(vid2.CheckPolicy(RProcess()));
1.1319 + test(vid2.CheckPolicy(RThread()));
1.1320 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1321 + test(r==CTestSession::EPolicyCheckPassed);
1.1322 + }
1.1323 +
1.1324 + {
1.1325 + TSecurityPolicy vid(KTestVendorId2, ECapabilityProtServ, ECapabilityDRM, ECapabilityReadDeviceData);
1.1326 + //Current process has all three caps but not vid
1.1327 + test(failResult!=!(vid.CheckPolicy(RProcess())));
1.1328 + test(failResult!=!(vid.CheckPolicy(RThread())));
1.1329 + TPtrC8 ptr = vid.Package();
1.1330 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1331 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1332 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1333 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1334 + }
1.1335 +
1.1336 + {
1.1337 + TSecurityPolicy vid(KTestVendorId, ECapabilityProtServ, ECapabilityWriteDeviceData);
1.1338 + //Current process has vid but missing ECapabilityWriteDeviceData
1.1339 + test(failResult!=!(vid.CheckPolicy(RProcess())));
1.1340 + test(failResult!=!(vid.CheckPolicy(RThread())));
1.1341 + TPtrC8 ptr = vid.Package();
1.1342 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1343 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1344 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1345 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1346 + }
1.1347 +
1.1348 + {
1.1349 + TSecurityPolicy vid(KTestVendorId2, ECapabilityProtServ, ECapabilityWriteDeviceData);
1.1350 + //Current process is missing vid and ECapabilityWriteDeviceData
1.1351 + test(failResult!=!(vid.CheckPolicy(RProcess())));
1.1352 + test(failResult!=!(vid.CheckPolicy(RThread())));
1.1353 + TPtrC8 ptr = vid.Package();
1.1354 + TInt r = Session.Send(CTestSession::ETestSecurityPolicyAgainstMessage,TIpcArgs(&ptr));
1.1355 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1356 + r = Session.Send(CTestSession::ETestSecurityPolicyAgainstCreator,TIpcArgs(&ptr));
1.1357 + test(r==failResult?CTestSession::EPolicyCheckFailed:CTestSession::EPolicyCheckPassed);
1.1358 + }
1.1359 +
1.1360 + test.Next(_L("Macros for compile-time construction"));
1.1361 + {
1.1362 + static _LIT_SECURITY_POLICY_C7(pc7,1,2,3,4,5,6,7);
1.1363 + static _LIT_SECURITY_POLICY_C6(pc6,1,2,3,4,5,6);
1.1364 + static _LIT_SECURITY_POLICY_C5(pc5,1,2,3,4,5);
1.1365 + static _LIT_SECURITY_POLICY_C4(pc4,1,2,3,4);
1.1366 + static _LIT_SECURITY_POLICY_C3(pc3,1,2,3);
1.1367 + static _LIT_SECURITY_POLICY_C2(pc2,1,2);
1.1368 + static _LIT_SECURITY_POLICY_C1(pc1,1);
1.1369 + test(SecurityPoliciesEqual(pc7,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5,(TCapability)6,(TCapability)7)));
1.1370 + test(SecurityPoliciesEqual(pc6,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5,(TCapability)6)));
1.1371 + test(SecurityPoliciesEqual(pc5,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5)));
1.1372 + test(SecurityPoliciesEqual(pc4,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4)));
1.1373 + test(SecurityPoliciesEqual(pc3,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3)));
1.1374 + test(SecurityPoliciesEqual(pc2,TSecurityPolicy((TCapability)1,(TCapability)2)));
1.1375 + test(SecurityPoliciesEqual(pc1,TSecurityPolicy((TCapability)1)));
1.1376 +
1.1377 + static _LIT_SECURITY_POLICY_S3(ps3,0x12345678,1,2,3);
1.1378 + static _LIT_SECURITY_POLICY_S2(ps2,0x12345678,1,2);
1.1379 + static _LIT_SECURITY_POLICY_S1(ps1,0x12345678,1);
1.1380 + static _LIT_SECURITY_POLICY_S0(ps0,0x12345678);
1.1381 + test(SecurityPoliciesEqual(ps3,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1,(TCapability)2,(TCapability)3)));
1.1382 + test(SecurityPoliciesEqual(ps2,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1,(TCapability)2)));
1.1383 + test(SecurityPoliciesEqual(ps1,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1)));
1.1384 + test(SecurityPoliciesEqual(ps0,TSecurityPolicy(TSecureId(0x12345678))));
1.1385 +
1.1386 + static _LIT_SECURITY_POLICY_V3(pv3,0x12345678,1,2,3);
1.1387 + static _LIT_SECURITY_POLICY_V2(pv2,0x12345678,1,2);
1.1388 + static _LIT_SECURITY_POLICY_V1(pv1,0x12345678,1);
1.1389 + static _LIT_SECURITY_POLICY_V0(pv0,0x12345678);
1.1390 + test(SecurityPoliciesEqual(pv3,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1,(TCapability)2,(TCapability)3)));
1.1391 + test(SecurityPoliciesEqual(pv2,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1,(TCapability)2)));
1.1392 + test(SecurityPoliciesEqual(pv1,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1)));
1.1393 + test(SecurityPoliciesEqual(pv0,TSecurityPolicy(TVendorId(0x12345678))));
1.1394 +
1.1395 + static _LIT_SECURITY_POLICY_FAIL(fail);
1.1396 + static _LIT_SECURITY_POLICY_PASS(pass);
1.1397 + test(SecurityPoliciesEqual(fail,TSecurityPolicy(TSecurityPolicy::EAlwaysFail)));
1.1398 + test(SecurityPoliciesEqual(pass,TSecurityPolicy(TSecurityPolicy::EAlwaysPass)));
1.1399 + }
1.1400 +
1.1401 + test.Next(_L("Macros for compile-time initialisation"));
1.1402 + {
1.1403 + const TStaticSecurityPolicy pc7 = _INIT_SECURITY_POLICY_C7(1,2,3,4,5,6,7);
1.1404 + const TStaticSecurityPolicy pc6 = _INIT_SECURITY_POLICY_C6(1,2,3,4,5,6);
1.1405 + const TStaticSecurityPolicy pc5 = _INIT_SECURITY_POLICY_C5(1,2,3,4,5);
1.1406 + const TStaticSecurityPolicy pc4 = _INIT_SECURITY_POLICY_C4(1,2,3,4);
1.1407 + const TStaticSecurityPolicy pc3 = _INIT_SECURITY_POLICY_C3(1,2,3);
1.1408 + const TStaticSecurityPolicy pc2 = _INIT_SECURITY_POLICY_C2(1,2);
1.1409 + const TStaticSecurityPolicy pc1 = _INIT_SECURITY_POLICY_C1(1);
1.1410 + test(SecurityPoliciesEqual(pc7,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5,(TCapability)6,(TCapability)7)));
1.1411 + test(SecurityPoliciesEqual(pc6,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5,(TCapability)6)));
1.1412 + test(SecurityPoliciesEqual(pc5,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4,(TCapability)5)));
1.1413 + test(SecurityPoliciesEqual(pc4,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3,(TCapability)4)));
1.1414 + test(SecurityPoliciesEqual(pc3,TSecurityPolicy((TCapability)1,(TCapability)2,(TCapability)3)));
1.1415 + test(SecurityPoliciesEqual(pc2,TSecurityPolicy((TCapability)1,(TCapability)2)));
1.1416 + test(SecurityPoliciesEqual(pc1,TSecurityPolicy((TCapability)1)));
1.1417 +
1.1418 + const TStaticSecurityPolicy ps3 = _INIT_SECURITY_POLICY_S3(0x12345678,1,2,3);
1.1419 + const TStaticSecurityPolicy ps2 = _INIT_SECURITY_POLICY_S2(0x12345678,1,2);
1.1420 + const TStaticSecurityPolicy ps1 = _INIT_SECURITY_POLICY_S1(0x12345678,1);
1.1421 + const TStaticSecurityPolicy ps0 = _INIT_SECURITY_POLICY_S0(0x12345678);
1.1422 + test(SecurityPoliciesEqual(ps3,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1,(TCapability)2,(TCapability)3)));
1.1423 + test(SecurityPoliciesEqual(ps2,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1,(TCapability)2)));
1.1424 + test(SecurityPoliciesEqual(ps1,TSecurityPolicy(TSecureId(0x12345678),(TCapability)1)));
1.1425 + test(SecurityPoliciesEqual(ps0,TSecurityPolicy(TSecureId(0x12345678))));
1.1426 +
1.1427 + const TStaticSecurityPolicy pv3 = _INIT_SECURITY_POLICY_V3(0x12345678,1,2,3);
1.1428 + const TStaticSecurityPolicy pv2 = _INIT_SECURITY_POLICY_V2(0x12345678,1,2);
1.1429 + const TStaticSecurityPolicy pv1 = _INIT_SECURITY_POLICY_V1(0x12345678,1);
1.1430 + const TStaticSecurityPolicy pv0 = _INIT_SECURITY_POLICY_V0(0x12345678);
1.1431 + test(SecurityPoliciesEqual(pv3,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1,(TCapability)2,(TCapability)3)));
1.1432 + test(SecurityPoliciesEqual(pv2,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1,(TCapability)2)));
1.1433 + test(SecurityPoliciesEqual(pv1,TSecurityPolicy(TVendorId(0x12345678),(TCapability)1)));
1.1434 + test(SecurityPoliciesEqual(pv0,TSecurityPolicy(TVendorId(0x12345678))));
1.1435 +
1.1436 + const TStaticSecurityPolicy fail = _INIT_SECURITY_POLICY_FAIL;
1.1437 + const TStaticSecurityPolicy pass = _INIT_SECURITY_POLICY_PASS;
1.1438 + test(SecurityPoliciesEqual(fail,TSecurityPolicy(TSecurityPolicy::EAlwaysFail)));
1.1439 + test(SecurityPoliciesEqual(pass,TSecurityPolicy(TSecurityPolicy::EAlwaysPass)));
1.1440 +
1.1441 + }
1.1442 +
1.1443 + test.End();
1.1444 + }
1.1445 +
1.1446 +#define CHECK_NAME(name) \
1.1447 + test(0==TPtrC8((TUint8*)#name).Compare(TPtrC8((TUint8*)CapabilityNames[ECapability##name])));
1.1448 +
1.1449 +void TestCapabilityNames()
1.1450 + {
1.1451 + CHECK_NAME(TCB);
1.1452 + CHECK_NAME(CommDD);
1.1453 + CHECK_NAME(PowerMgmt);
1.1454 + CHECK_NAME(MultimediaDD);
1.1455 + CHECK_NAME(ReadDeviceData);
1.1456 + CHECK_NAME(WriteDeviceData);
1.1457 + CHECK_NAME(DRM);
1.1458 + CHECK_NAME(TrustedUI);
1.1459 + CHECK_NAME(ProtServ);
1.1460 + CHECK_NAME(DiskAdmin);
1.1461 + CHECK_NAME(NetworkControl);
1.1462 + CHECK_NAME(AllFiles);
1.1463 + CHECK_NAME(SwEvent);
1.1464 + CHECK_NAME(NetworkServices);
1.1465 + CHECK_NAME(LocalServices);
1.1466 + CHECK_NAME(ReadUserData);
1.1467 + CHECK_NAME(WriteUserData);
1.1468 + CHECK_NAME(Location);
1.1469 + CHECK_NAME(SurroundingsDD);
1.1470 + CHECK_NAME(UserEnvironment);
1.1471 + }
1.1472 +
1.1473 +
1.1474 +void TestKernelAPIs()
1.1475 + {
1.1476 + RLddTest ldd;
1.1477 + TInt r=User::LoadLogicalDevice(_L("D_SLDD.LDD"));
1.1478 + test(r==KErrNone || r==KErrAlreadyExists);
1.1479 + r=ldd.OpenLocal();
1.1480 + test(r==KErrNone);
1.1481 +
1.1482 + RLddTest::TIds ids;
1.1483 + memclr(&ids,sizeof(ids));
1.1484 + ldd.GetIds(ids);
1.1485 + test.Printf(_L("Thread VID,SID = %08x,%08x\n\r"),ids.iThreadVID.iId,ids.iThreadSID.iId);
1.1486 + test.Printf(_L("Process VID,SID = %08x,%08x\n\r"),ids.iProcessVID.iId,ids.iProcessSID.iId);
1.1487 + test(ids.iThreadVID==KTestVendorId);
1.1488 + test(ids.iThreadSID==KTestSecureId);
1.1489 + test(ids.iProcessVID==KTestVendorId);
1.1490 + test(ids.iProcessSID==KTestSecureId);
1.1491 +
1.1492 + // Test kernel-mode TSecurityInfo-getting APIs
1.1493 + TSecurityInfo infoProcess, infoThread;
1.1494 + ldd.GetSecureInfos(&infoThread, &infoProcess);
1.1495 + // Check the vendor & secure IDs are what's expected
1.1496 + test(infoThread.iVendorId==KTestVendorId);
1.1497 + test(infoThread.iSecureId==KTestSecureId);
1.1498 + test(infoProcess.iVendorId==KTestVendorId);
1.1499 + test(infoProcess.iSecureId==KTestSecureId);
1.1500 + // Check process caps == thread caps
1.1501 + TUint32* capsT = (TUint32*)&infoThread.iCaps;
1.1502 + TUint32* capsP = (TUint32*)&infoProcess.iCaps;
1.1503 + test(capsT[0]==capsP[0]);
1.1504 + test(capsT[1]==capsP[1]);
1.1505 + // Check the caps match what the user API gives
1.1506 + RProcess this_process;
1.1507 + for (TInt i=0 ; i<64 ; i++) {
1.1508 + TCapability cap = (TCapability)i;
1.1509 + test(infoProcess.iCaps.HasCapability(cap) == this_process.HasCapability(cap));
1.1510 + }
1.1511 +
1.1512 +
1.1513 + ldd.Close();
1.1514 + }
1.1515 +
1.1516 +
1.1517 +void TestPlatSecUnlocked()
1.1518 + {
1.1519 + RLddTest ldd;
1.1520 + TInt r = User::LoadLogicalDevice(_L("D_SLDD.LDD"));
1.1521 + test(r == KErrNone || r == KErrAlreadyExists);
1.1522 + r = ldd.OpenLocal();
1.1523 + test_KErrNone(r);
1.1524 +
1.1525 + TUint32 flags0, flags;
1.1526 + TInt enforced;
1.1527 +
1.1528 + flags0 = ldd.GetKernelConfigFlags();
1.1529 +
1.1530 + const TUint32 bits = (TUint32)(EKernelConfigTest | EKernelConfigPlatSecEnforcement);
1.1531 +
1.1532 + // Different test cases depending on whether __PLATSEC_UNLOCKED__ defined.
1.1533 + // Ask the kernel whether EKernelConfigPlatSecLocked is set, and hope that
1.1534 + // it's not lying to us!
1.1535 + //
1.1536 + // Best thing to do is to check the log and verify the printf() output.
1.1537 + //
1.1538 +
1.1539 + if (PlatSec::ConfigSetting(PlatSec::EPlatSecLocked))
1.1540 + {
1.1541 + /*
1.1542 + * Tests for __PLATSEC_UNLOCKED__ not defined
1.1543 + *
1.1544 + * The device driver is built with __PLATSEC_FORCED_FLAGS__ set to 0, so we can't use
1.1545 + * its GetKernelConfigFlags() interface (the accessor functions are inlines) when we're
1.1546 + * testing for PlatSec locked. Instead, use PlatSec::ConfigSetting(), which makes an
1.1547 + * exec call to get iKernelConfigFlags.
1.1548 + */
1.1549 + test.Printf(_L("__PLATSEC_UNLOCKED_ does NOT appear to have been used\n"));
1.1550 +
1.1551 + /* Check that PlatSecEnforcement is set */
1.1552 + enforced = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
1.1553 + test(enforced != 0);
1.1554 +
1.1555 + /* Check that the device driver is able to set our test bit */
1.1556 + ldd.SetKernelConfigFlags(flags0 | EKernelConfigTest);
1.1557 +
1.1558 + flags = ldd.GetKernelConfigFlags();
1.1559 + test((flags & EKernelConfigTest) == EKernelConfigTest);
1.1560 +
1.1561 + /* Check that the device driver is able to clear our test bit, but not able to clear enforcement bit */
1.1562 + ldd.SetKernelConfigFlags(flags0 & ~bits);
1.1563 +
1.1564 + enforced = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
1.1565 + test(enforced != 0);
1.1566 + }
1.1567 + else
1.1568 + {
1.1569 + /*
1.1570 + * Tests for __PLATSEC_UNLOCKED__ defined
1.1571 + */
1.1572 + test.Printf(_L("__PLATSEC_UNLOCKED_ DOES appear to have been used\n"));
1.1573 +
1.1574 + /* Check that the device driver is able to set our test bit and PlatSecEnforcement */
1.1575 + ldd.SetKernelConfigFlags(flags0 | bits);
1.1576 +
1.1577 + flags = ldd.GetKernelConfigFlags();
1.1578 + test((flags & bits) == bits);
1.1579 +
1.1580 + /* And verify that the kernel sees the same result */
1.1581 + enforced = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
1.1582 + test(enforced != 0); // (yes, "!= 0" is redundant)
1.1583 +
1.1584 + /* Check that the device driver is able to clear our test bit and PlatSecEnforcement */
1.1585 + ldd.SetKernelConfigFlags(flags0 & ~bits);
1.1586 +
1.1587 + flags = ldd.GetKernelConfigFlags();
1.1588 + test((flags & bits) == 0);
1.1589 +
1.1590 + /* Verify that the kernel sees the same result */
1.1591 + enforced = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
1.1592 + test(enforced == 0);
1.1593 + }
1.1594 +
1.1595 + /* Restore original flags value */
1.1596 + ldd.SetKernelConfigFlags(flags0);
1.1597 +
1.1598 + // Now test handling of iDisabledCapabilities
1.1599 +
1.1600 + const TUint32 test_value = 0x31415926; // Just some random number
1.1601 +
1.1602 + TCapabilitySet disabled0, disabled;
1.1603 + disabled0.SetDisabled();
1.1604 +
1.1605 + SCapabilitySet *caps0 = (SCapabilitySet *)&disabled0;
1.1606 + SCapabilitySet *caps = (SCapabilitySet *)&disabled;
1.1607 +
1.1608 + if (PlatSec::ConfigSetting(PlatSec::EPlatSecLocked))
1.1609 + {
1.1610 + /*
1.1611 + * Tests for __PLATSEC_UNLOCKED__ not defined
1.1612 + */
1.1613 +
1.1614 + /* Check that the capability set is 0 */
1.1615 + int i;
1.1616 +
1.1617 + for (i = 0; i < SCapabilitySet::ENCapW; i++)
1.1618 + {
1.1619 + test_Equal(0, caps0->iCaps[i]);
1.1620 + }
1.1621 +
1.1622 + /* Check that the device driver is not able to set word 0 of disabled capabilities */
1.1623 + ldd.SetDisabledCapabilities0(test_value);
1.1624 +
1.1625 + /*
1.1626 + * It's okay to use SetDisabled() here, since this makes an exec call to get the
1.1627 + * set of disabled capabilities.
1.1628 + */
1.1629 + disabled.SetDisabled();
1.1630 + test_Equal(0, caps->iCaps[0]);
1.1631 + }
1.1632 + else
1.1633 + {
1.1634 + /*
1.1635 + * Tests for __PLATSEC_UNLOCKED__ defined
1.1636 + */
1.1637 +
1.1638 + /* Check that the device driver is able to set word 0 of disabled capabilities */
1.1639 + ldd.SetDisabledCapabilities0(test_value);
1.1640 +
1.1641 + disabled.SetDisabled();
1.1642 + test_Equal(test_value, caps->iCaps[0]);
1.1643 + }
1.1644 +
1.1645 + /* Restore original value */
1.1646 + ldd.SetDisabledCapabilities0(caps0->iCaps[0]);
1.1647 +
1.1648 + ldd.Close();
1.1649 + }
1.1650 +
1.1651 +#include <e32svr.h>
1.1652 +
1.1653 +GLDEF_C TInt E32Main()
1.1654 + {
1.1655 + PlatSecEnforcement = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
1.1656 +
1.1657 + TBuf16<512> cmd;
1.1658 + User::CommandLine(cmd);
1.1659 + if(cmd.Length() && TChar(cmd[0]).IsDigit())
1.1660 + {
1.1661 + TInt function = -1;
1.1662 + TInt arg1 = -1;
1.1663 + TInt arg2 = -1;
1.1664 + TLex lex(cmd);
1.1665 +
1.1666 + lex.Val(function);
1.1667 + lex.SkipSpace();
1.1668 + lex.Val(arg1);
1.1669 + lex.SkipSpace();
1.1670 + lex.Val(arg2);
1.1671 + return DoTestProcess(function,arg1,arg2);
1.1672 + }
1.1673 +
1.1674 + test.Title();
1.1675 +
1.1676 + if(PlatSecEnforcement)
1.1677 + test.Printf(_L("PlatSecConfig appears to be ON\n"));
1.1678 + else
1.1679 + test.Printf(_L("PlatSecConfig appears to be OFF\n"));
1.1680 +
1.1681 + test.Start(_L("Starting test server"));
1.1682 + RTestProcess server;
1.1683 + TRequestStatus rendezvous;
1.1684 + server.Create(~KTestCapabilities,ETestProcessServer,0,0);
1.1685 + server.Rendezvous(rendezvous);
1.1686 + server.Resume();
1.1687 + User::WaitForRequest(rendezvous);
1.1688 + test(rendezvous==KServerRendezvous);
1.1689 +
1.1690 + test.Next(_L("Openning server session"));
1.1691 + TInt r = Session.Connect();
1.1692 + RDebug::Print(_L("%d"),r);
1.1693 + test(r==KErrNone);
1.1694 +
1.1695 + test.Next(_L("Test Capability Names"));
1.1696 + TestCapabilityNames();
1.1697 +
1.1698 + test.Next(_L("Test TCapabilitySet"));
1.1699 + TestCapabilitySet();
1.1700 +
1.1701 + test.Next(_L("Test TSecurityInfo"));
1.1702 + TestSecurityInfo();
1.1703 +
1.1704 + test.Next(_L("Test SecureId functions"));
1.1705 + TestSecureId();
1.1706 +
1.1707 + test.Next(_L("Test VendorId functions"));
1.1708 + TestVendorId();
1.1709 +
1.1710 + test.Next(_L("Test HasCapability functions"));
1.1711 + TestHasCapability();
1.1712 +
1.1713 + test.Next(_L("Test TSecurityPolicy"));
1.1714 + TestSecurityPolicy();
1.1715 +
1.1716 + test.Next(_L("Test Kernel APIs"));
1.1717 + TestKernelAPIs();
1.1718 +
1.1719 + test.Next(_L("Test __PLATSEC_UNLOCKED__"));
1.1720 + TestPlatSecUnlocked();
1.1721 +
1.1722 + test.Next(_L("Test diagnostic message suppression"));
1.1723 + RThread().HasCapability(ECapabilityReadUserData,0);
1.1724 + test.Printf(_L("There should be a diagnostic message just before this\n"));
1.1725 + RThread().HasCapability(ECapabilityReadUserData,__PLATSEC_DIAGNOSTIC_STRING("You should see this"));
1.1726 + test.Printf(_L("There should be a diagnostic message just before this\n"));
1.1727 + RThread().HasCapability(ECapabilityReadUserData,KSuppressPlatSecDiagnostic);
1.1728 + test.Printf(_L("There should NOT be a diagnostic message just before this\n"));
1.1729 +
1.1730 + test.Next(_L("Closing server session"));
1.1731 + Session.Send(CTestSession::EShutdown);
1.1732 + Session.Close();
1.1733 + server.Close();
1.1734 +
1.1735 + test.End();
1.1736 + return(0);
1.1737 + }
1.1738 +