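--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/kernelhwsrv/kerneltest/e32test/secure/t_platsecconfig.cpp Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,486 @@
+// Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of the License "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+// e32test\secure\t_platsecconfig.cpp
+// This test checks the correct functioning of the Platform Security configuration.
+// To use this test for verification of the features, perform the following steps
+// On the WINS Emulator
+// 1. Run "T_PLATSECCONFIG.EXE"
+// Check that the results reported are:
+// PlatSecEnforcement is OFF
+// Disabled Capabilites: NONE
+// Check EPOCWIND.OUT and verify that it contains no diagnostic messages. (These will start with the text "*PlatSec* ")
+// 2. Run "T_PLATSECCONFIG.EXE -mt_platsecconfig --"
+// Check that the results reported are:
+// PlatSecEnforcement is ON
+// Disabled Capabilites: CommDD MultimediaDD WriteDeviceData TrustedUI DiskAdmin AllFiles NetworkServices ReadUserData Location (These are all ODD numbered capabilities)
+// Check EPOCWIND.OUT and verify that it contains two lines starting with "*PlatSec* ERROR - Capability check failed"
+// On reference hardware
+// 3. Build a Text Shell ROM contining the E32 tests. E.g.
+// cd \cedar\generic\base\e32\rombuild
+// rom -v=lubbock -t=e32test
+// Boot this ROM and run "T_PLATSECCONFIG.EXE"
+// Check that the results reported are:
+// PlatSecEnforcement is OFF
+// Disabled Capabilites: NONE
+// Check the output of the debug port and verify that it contains no diagnostic messages.
+// (These will start with the text "*PlatSec* ")
+// 4. Build a Text Shell ROM using the T_PLATSECCONFIG.OBY file. E.g.
+// cd \cedar\generic\base\e32\rombuild
+// rom -v=lubbock -t=t_platsecconfig
+// Boot this ROM and run "T_PLATSECCONFIG.EXE"
+// Check that the results reported are:
+// PlatSecEnforcement is ON
+// Disabled Capabilites: CommDD MultimediaDD WriteDeviceData TrustedUI DiskAdmin AllFiles NetworkServices ReadUserData Location (These are all ODD numbered capabilities)
+// Check the output of the debug port and verify that it contains two lines with "*PlatSec* ERROR - Capability check failed"
+// To check ROMBUILD configuration
+// 5. Build a Text Shell ROM using the T_PLATSECCONFIG_WARNIG.OBY file. E.g.
+// cd \cedar\generic\base\e32\rombuild
+// rom -v=lubbock -t=t_platsecconfig_warning
+// This should produce the following warning:
+// WARNING: *PlatSec* WARNING - Capability check failed. Can't load \Epoc32\RELEASE\ARM4\UDEB\t_psc_static.exebecause it links to t_psc_dll{00010000}.dll which has the following capabilities missing: TCB PowerMgmt ReadDeviceData DRM ProtServ NetworkControl SwEvent LocalServices WriteUserData
+// 6. Build a Text Shell ROM using the T_PLATSECCONFIG_ERROR.OBY file. E.g.
+// cd \cedar\generic\base\e32\rombuild
+// rom -v=lubbock -t=t_platsecconfig_error
+// This should produce the following error:
+// ERROR: *PlatSec* ERROR - Capability check failed. Can't load \Epoc32\RELEASE\ARM4\UDEB\t_psc_static.exe because it links to t_psc_dll{00010000}.dll which has the following capabilities missing: TCB PowerMgmt ReadDeviceData DRM ProtServ NetworkControl SwEvent LocalServices WriteUserData
+//
+//
+
+/**
+ @file
+*/
+
+#define __INCLUDE_CAPABILITY_NAMES__
+
+#include <e32test.h>
+
+LOCAL_D RTest test(_L("T_PLATSECCONFIG"));
+
+enum TTestProcessFunctions
+ {
+ ETestProcessServer,
+ ETestProcessLoadLib,
+ };
+
+#include "testprocess.h"
+
+TInt StartServer();
+
+TInt DoTestProcess(TInt aTestNum,TInt aArg1,TInt aArg2)
+ {
+ (void)aArg1;
+ (void)aArg2;
+
+ switch(aTestNum)
+ {
+
+ case ETestProcessServer:
+ return StartServer();
+
+ case ETestProcessLoadLib:
+ {
+ RLibrary lib;
+ TInt r = lib.Load(_L("T_PSC_DLL"));
+ lib.Close();
+ return r;
+ }
+
+ default:
+ User::Panic(_L("T_PLATSECCONFIG"),1);
+ }
+
+ return KErrNone;
+ }
+
+
+
+//
+// RTestThread
+//
+
+class RTestThread : public RThread
+ {
+public:
+ void Create(TThreadFunction aFunction,TAny* aArg=0);
+ };
+
+void RTestThread::Create(TThreadFunction aFunction,TAny* aArg)
+ {
+ TInt r=RThread::Create(_L(""),aFunction,KDefaultStackSize,KDefaultStackSize,KDefaultStackSize,aArg);
+ test(r==KErrNone);
+ }
+
+
+//
+// CTestSession
+//
+
+class CTestSession : public CSession2
+ {
+public:
+ enum {EShutdown,EGetSecurityInfo};
+public:
+ CTestSession();
+ virtual void ServiceL(const RMessage2& aMessage);
+public:
+ };
+
+CTestSession::CTestSession()
+ : CSession2()
+ {}
+
+void CTestSession::ServiceL(const RMessage2& aMessage)
+ {
+ RMessagePtr2 m(aMessage);
+ switch (aMessage.Function())
+ {
+ case CTestSession::EGetSecurityInfo:
+ {
+ TSecurityInfo info;
+ info.Set(RProcess());
+ TInt r = aMessage.Write(0,TPtrC8((TUint8*)&info,sizeof(info)));
+ m.Complete(r);
+ }
+ break;
+
+ case CTestSession::EShutdown:
+ CActiveScheduler::Stop();
+ break;
+
+ default:
+ m.Complete(KErrNotSupported);
+ break;
+ }
+ }
+
+
+
+//
+// CTestServer
+//
+
+class CTestServer : public CServer2
+ {
+public:
+ CTestServer(TInt aPriority);
+ virtual CSession2* NewSessionL(const TVersion& aVersion,const RMessage2& aMessage) const;
+ };
+
+CTestServer::CTestServer(TInt aPriority)
+ : CServer2(aPriority)
+ {
+ }
+
+CSession2* CTestServer::NewSessionL(const TVersion& /*aVersion*/,const RMessage2& /*aMessage*/) const
+ {
+ return new (ELeave) CTestSession();
+ }
+
+
+
+//
+// CTestActiveScheduler
+//
+
+class CTestActiveScheduler : public CActiveScheduler
+ {
+public:
+ virtual void Error(TInt anError) const;
+ };
+
+void CTestActiveScheduler::Error(TInt anError) const
+ {
+ User::Panic(_L("TestServer Error"),anError);
+ }
+
+
+
+//
+// Server thread
+//
+
+_LIT(KServerName,"T_PLATSECCONFIG-server");
+const TInt KServerRendezvous = KRequestPending+1;
+
+void DoStartServer()
+ {
+ CTestActiveScheduler* activeScheduler = new (ELeave) CTestActiveScheduler;
+ CActiveScheduler::Install(activeScheduler);
+ CleanupStack::PushL(activeScheduler);
+
+ CTestServer* server = new (ELeave) CTestServer(0);
+ CleanupStack::PushL(server);
+
+ User::LeaveIfError(server->Start(KServerName));
+
+ RProcess::Rendezvous(KServerRendezvous);
+
+ CActiveScheduler::Start();
+
+ CleanupStack::PopAndDestroy(2);
+ }
+
+TInt StartServer()
+ {
+ CTrapCleanup* cleanupStack = CTrapCleanup::New();
+ if(!cleanupStack)
+ return KErrNoMemory;
+ TRAPD(leaveError,DoStartServer())
+ delete cleanupStack;
+ return leaveError;
+ }
+
+
+
+//
+// RTestSession
+//
+
+class RTestSession : public RSessionBase
+ {
+public:
+ inline TInt Connect()
+ { return CreateSession(KServerName,TVersion());}
+ inline TInt Send(TInt aFunction)
+ { return RSessionBase::SendReceive(aFunction); }
+ inline TInt Send(TInt aFunction,const TIpcArgs& aArgs)
+ { return RSessionBase::SendReceive(aFunction,aArgs); }
+ inline void Send(TInt aFunction,TRequestStatus& aStatus)
+ { RSessionBase::SendReceive(aFunction,aStatus); }
+ inline void Send(TInt aFunction,const TIpcArgs& aArgs,TRequestStatus& aStatus)
+ { RSessionBase::SendReceive(aFunction,aArgs,aStatus); }
+ };
+
+
+
+RTestSession Session;
+
+
+
+void CheckCapabilitySetEqual(const TCapabilitySet& a1,const TCapabilitySet& a2)
+ {
+ TInt i;
+ for(i=0; i<ECapability_Limit; i++)
+ test((!a1.HasCapability((TCapability)i))==(!a2.HasCapability((TCapability)i)));
+ }
+
+TBuf8<1024> CapabilityNameBuffer;
+TBool PlatSecEnforcement=0;
+
+TPtrC16 CapabilityList(const TCapabilitySet& aCaps)
+ {
+ TCapabilitySet allCaps;
+ allCaps.SetAllSupported();
+ CapabilityNameBuffer.Zero();
+ TBool odd=ETrue;
+ TBool even=ETrue;
+ TInt i;
+ for(i=0; i<ECapability_Limit; i++)
+ {
+ if(!aCaps.HasCapability((TCapability)i))
+ {
+ if(allCaps.HasCapability((TCapability)i))
+ {
+ if(i&1)
+ odd = EFalse;
+ else
+ even = EFalse;
+ }
+ continue;
+ }
+ TUint8* ptr=(TUint8*)CapabilityNames[i];
+ TPtrC8 name(ptr,User::StringLength(ptr));
+ CapabilityNameBuffer.Append(name);
+ CapabilityNameBuffer.Append((TChar)' ');
+ }
+ if(!CapabilityNameBuffer.Length())
+ CapabilityNameBuffer.Append(_L8("NONE"));
+ if(even)
+ CapabilityNameBuffer.Append(_L8("(These are all EVEN numbered capabilities)"));
+ if(odd)
+ CapabilityNameBuffer.Append(_L8("(These are all ODD numbered capabilities)"));
+ return CapabilityNameBuffer.Expand();
+}
+
+void TestPlatSecDisabledCaps()
+ {
+ TSecurityInfo info;
+ TPckg<TSecurityInfo> infoPtr(info);
+
+ test.Start(_L("Get disabled capabilities set"));
+ TCapabilitySet disabled;
+ disabled.SetDisabled();
+ TPtrC16 list(CapabilityList(disabled));
+ test.Printf(_L(" %S\n"),&list);
+
+ test.Next(_L("Get capabilites from this EXE"));
+ Mem::FillZ(&info,sizeof(info));
+ info.SetToCurrentInfo();
+
+ test.Next(_L("Check capabilities are same as disabled set"));
+ CheckCapabilitySetEqual(info.iCaps,disabled);
+
+ test.Next(_L("Get capabilites from other EXE"));
+ Mem::FillZ(&info,sizeof(info));
+ TInt r = Session.Send(CTestSession::EGetSecurityInfo,TIpcArgs(&infoPtr));
+ test(r==KErrNone);
+
+ test.Next(_L("Check capabilities are same as disabled set"));
+ CheckCapabilitySetEqual(info.iCaps,disabled);
+
+ test.Next(_L("Test PlatSec::IsCapabilityEnforced is consistant with our findings"));
+ TCapabilitySet notEnforced;
+ notEnforced.SetEmpty();
+ for(TInt i=0; i<ECapability_HardLimit; i++)
+ if(!PlatSec::IsCapabilityEnforced((TCapability)i))
+ notEnforced.AddCapability((TCapability)i);
+ if(!PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement))
+ disabled.SetAllSupported();
+ CheckCapabilitySetEqual(notEnforced,disabled);
+
+ test.End();
+ }
+
+_LIT(KRomExe,"T_PLATSECCONFIG2.EXE");
+_LIT(KOn,"ON");
+_LIT(KOff,"OFF");
+
+void TestPlatSecEnforcement()
+ {
+ RProcess process;
+ TInt r;
+
+ test.Start(_L("Getting PlatSecEnforcement setting"));
+ PlatSecEnforcement = PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement);
+ test.Printf(_L(" PlatSecEnforcement setting returns %S\n"),PlatSecEnforcement?&KOn:&KOff);
+
+ test.Next(_L("Check dynamic linkage without required capabilities"));
+ TBuf<10> arg;
+ arg.Num((TInt)ETestProcessLoadLib);
+ r=process.Create(_L("T_PSC_DYNAMIC"),arg);
+ test(r==KErrNone);
+ TRequestStatus logon;
+ process.Logon(logon);
+ process.Resume();
+ User::WaitForRequest(logon);
+ test(process.ExitType()==EExitKill);
+ r=logon.Int();
+ CLOSE_AND_WAIT(process);
+ if(PlatSecEnforcement)
+ test(r==KErrPermissionDenied);
+ else
+ test(r==KErrNone);
+
+ test.Next(_L("Check static linkage without required capabilities"));
+ r=process.Create(_L("T_PSC_STATIC"),_L(""));
+ if(PlatSecEnforcement)
+ test(r==KErrPermissionDenied);
+ else
+ {
+ test(r==KErrNone);
+ process.Kill(0);
+ CLOSE_AND_WAIT(process);
+ }
+
+ test.End();
+ }
+
+#include <e32svr.h>
+IMPORT_C void dummyExport();
+
+GLDEF_C TInt E32Main()
+ {
+#ifdef STATIC_TEST_LINK
+ dummyExport(); // Use dummy export from staticly linked DLL
+#endif
+ TBuf16<512> cmd;
+ User::CommandLine(cmd);
+ if(cmd.Length() && TChar(cmd[0]).IsDigit())
+ {
+ TInt function = -1;
+ TInt arg1 = -1;
+ TInt arg2 = -1;
+ TLex lex(cmd);
+
+ lex.Val(function);
+ lex.SkipSpace();
+ lex.Val(arg1);
+ lex.SkipSpace();
+ lex.Val(arg2);
+ return DoTestProcess(function,arg1,arg2);
+ }
+
+ test.Title();
+
+ test.Start(_L("Starting test server"));
+ RTestProcess server;
+ TRequestStatus rendezvous;
+ TBuf<10> arg;
+ arg.Num((TInt)ETestProcessServer);
+ TInt r=server.RProcess::Create(KRomExe,arg);
+ test(r==KErrNone);
+ server.Rendezvous(rendezvous);
+ server.Resume();
+ User::WaitForRequest(rendezvous);
+ test(rendezvous==KServerRendezvous);
+
+ test.Next(_L("Openning server session"));
+ r = Session.Connect();
+ RDebug::Print(_L("%d"),r);
+ test(r==KErrNone);
+
+ test.Next(_L("Test PlatSecDisabledCaps"));
+ TestPlatSecDisabledCaps();
+
+ test.Next(_L("Test PlatSecEnforcement"));
+ TestPlatSecEnforcement();
+
+ test.Next(_L("Closing server session"));
+ Session.Send(CTestSession::EShutdown);
+ Session.Close();
+ CLOSE_AND_WAIT(server);
+
+ // Show results requiring manual inspection
+ _LIT(KSeperatorText,"----------------------------------------------------------------------------\n");
+ test.Printf(_L("\n"));
+ test.Printf(_L("RESULTS (To be checked against expected values)\n"));
+ test.Printf(KSeperatorText);
+ test.Printf(_L("* PlatSecEnforcement is %S\n"),PlatSecEnforcement?&KOn:&KOff);
+ test.Printf(KSeperatorText);
+ TCapabilitySet disabled;
+ disabled.SetDisabled();
+ TPtrC16 list(CapabilityList(disabled));
+ test.Printf(_L("* Disabled Capabilites: %S\n"),&list);
+ test.Printf(KSeperatorText);
+
+ // Wait for a while, or for a key press
+ test.Printf(_L("Waiting a short while for key press...\n"));
+ TRequestStatus keyStat;
+ test.Console()->Read(keyStat);
+ RTimer timer;
+ test(timer.CreateLocal()==KErrNone);
+ TRequestStatus timerStat;
+ timer.After(timerStat,20*1000000);
+ User::WaitForRequest(timerStat,keyStat);
+ TInt key = 0;
+ if(keyStat!=KRequestPending)
+ key = test.Console()->KeyCode();
+ timer.Cancel();
+ test.Console()->ReadCancel();
+ User::WaitForAnyRequest();
+
+ test.End();
+ return(0);
+ }
+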
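Review bot: TestPlatSecEnforcement() derives its expectations from the setting under test: it reads `PlatSec::ConfigSetting(PlatSec::EPlatSecEnforcement)` and then accepts `KErrNone` from both the `T_PSC_DYNAMIC` load and the `T_PSC_STATIC` create whenever that value is false, so a run where enforcement is unexpectedly OFF still passes. The intended configuration is only checked by the manual comparison of the RESULTS block with the file header, which an unattended run would presumably not perform. I would state that limit on the function itself, e.g. `// Checks only that loader behaviour matches the reported setting; it does not check that enforcement is ON.` Separately, the `EShutdown` case in CTestSession::ServiceL stops the scheduler without completing the message, so the synchronous `Session.Send(CTestSession::EShutdown)` in E32Main presumably returns only once the server is torn down; adding `m.Complete(KErrNone);` before `CActiveScheduler::Stop();` would make the completion explicit.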