1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (C) 2020-2024 Microsoft Corporation. All rights reserved.
6 #include <linux/slab.h>
7 #include <linux/types.h>
8 #include <linux/list.h>
9 #include <kunit/test.h>
12 const char *const policy;
14 const char *const desc;
17 static const struct policy_case policy_cases[] = {
19 "policy_name=allowall policy_version=0.0.0\n"
20 "DEFAULT action=ALLOW",
25 "policy_name=trailing_comment policy_version=152.0.0 #This is comment\n"
26 "DEFAULT action=ALLOW",
31 "policy_name=allowallnewline policy_version=0.2.0\n"
32 "DEFAULT action=ALLOW\n"
38 "policy_name=carriagereturnlinefeed policy_version=0.0.1\n"
39 "DEFAULT action=ALLOW\n"
45 "policy_name=whitespace policy_version=0.0.0\n"
46 "DEFAULT\taction=ALLOW\n"
47 " \t DEFAULT \t op=EXECUTE action=DENY\n"
48 "op=EXECUTE boot_verified=TRUE action=ALLOW\n"
49 "# this is a\tcomment\t\t\t\t\n"
50 "DEFAULT \t op=KMODULE\t\t\t action=DENY\r\n"
51 "op=KMODULE boot_verified=TRUE action=ALLOW\n",
53 "various whitespaces and nested default",
56 "policy_name=boot_verified policy_version=-1236.0.0\n"
57 "DEFAULT\taction=ALLOW\n",
62 "policy_name=$@!*&^%%\\:;{}() policy_version=0.0.0\n"
63 "DEFAULT action=ALLOW",
68 "policy_name=test policy_version=999999.0.0\n"
69 "DEFAULT action=ALLOW",
74 "policy_name=test policy_version=255.0\n"
75 "DEFAULT action=ALLOW",
80 "policy_name=test policy_version=111.0.0.0\n"
81 "DEFAULT action=ALLOW",
91 "policy_name=test\0policy_version=0.0.0\n"
92 "DEFAULT action=ALLOW",
94 "random null in header",
97 "policy_name=test policy_version=0.0.0\n"
98 "\0DEFAULT action=ALLOW",
100 "incomplete policy from NULL",
103 "policy_name=test policy_version=0.0.0\n"
104 "DEFAULT action=DENY\n\0"
105 "op=EXECUTE dmverity_signature=TRUE action=ALLOW\n",
107 "NULL truncates policy",
110 "policy_name=test policy_version=0.0.0\n"
111 "DEFAULT action=ALLOW\n"
112 "op=EXECUTE dmverity_signature=abc action=ALLOW",
114 "invalid property type",
117 "DEFAULT action=ALLOW",
119 "missing policy header",
122 "policy_name=test policy_version=0.0.0\n",
124 "missing default definition",
127 "policy_name=test policy_version=0.0.0\n"
128 "DEFAULT action=ALLOW\n"
129 "dmverity_signature=TRUE op=EXECUTE action=ALLOW",
131 "invalid rule ordering"
134 "policy_name=test policy_version=0.0.0\n"
135 "DEFAULT action=ALLOW\n"
136 "action=ALLOW op=EXECUTE dmverity_signature=TRUE",
138 "invalid rule ordering (2)",
141 "policy_name=test policy_version=0.0\n"
142 "DEFAULT action=ALLOW\n"
143 "op=EXECUTE dmverity_signature=TRUE action=ALLOW",
148 "policy_name=test policy_version=0.0.0\n"
149 "DEFAULT action=ALLOW\n"
150 "op=UNKNOWN dmverity_signature=TRUE action=ALLOW",
155 "policy_name=asdvpolicy_version=0.0.0\n"
156 "DEFAULT action=ALLOW\n",
158 "missing space after policy name",
161 "policy_name=test\xFF\xEF policy_version=0.0.0\n"
162 "DEFAULT action=ALLOW\n"
163 "op=EXECUTE dmverity_signature=TRUE action=ALLOW",
168 "policy_name=test\xFF\xEF policy_version=0.0.0\n"
169 "DEFAULT action=ALLOW\n"
170 "op=EXECUTE dmverity_roothash=GOOD_DOG action=ALLOW",
172 "invalid property value (2)",
175 "policy_name=test policy_version=0.0.0\n"
176 "policy_name=test policy_version=0.1.0\n"
177 "DEFAULT action=ALLOW",
182 "policy_name=test policy_version=0.0.0\n"
183 "DEFAULT action=ALLOW\n"
184 "DEFAULT action=ALLOW\n",
189 "policy_name=test policy_version=0.0.0\n"
190 "DEFAULT action=ALLOW\n"
191 "DEFAULT op=EXECUTE action=DENY\n"
192 "DEFAULT op=EXECUTE action=ALLOW\n",
194 "double operation default"
197 "policy_name=test policy_version=0.0.0\n"
198 "DEFAULT action=ALLOW\n"
199 "DEFAULT op=EXECUTE action=DEN\n",
201 "invalid action value"
204 "policy_name=test policy_version=0.0.0\n"
205 "DEFAULT action=ALLOW\n"
206 "DEFAULT op=EXECUTE action\n",
208 "invalid action value (2)"
211 "policy_name=test policy_version=0.0.0\n"
212 "DEFAULT action=ALLOW\n"
213 "UNKNOWN value=true\n",
215 "unrecognized statement"
218 "policy_name=test policy_version=0.0.0\n"
219 "DEFAULT action=ALLOW\n"
220 "op=EXECUTE dmverity_roothash=1c0d7ee1f8343b7fbe418378e8eb22c061d7dec7 action=DENY\n",
225 "policy_name=test policy_version=0.0.0\n"
226 "DEFAULT action=ALLOW\n"
227 "op=EXECUTE fsverity_digest=1c0d7ee1f8343b7fbe418378e8eb22c061d7dec7 action=DENY\n",
233 static void pol_to_desc(const struct policy_case *c, char *desc)
235 strscpy(desc, c->desc, KUNIT_PARAM_DESC_SIZE);
238 KUNIT_ARRAY_PARAM(ipe_policies, policy_cases, pol_to_desc);
241 * ipe_parser_unsigned_test - Test the parser by passing unsigned policies.
242 * @test: Supplies a pointer to a kunit structure.
244 * This is called by the kunit harness. This test does not check the correctness
245 * of the policy, but ensures that errors are handled correctly.
247 static void ipe_parser_unsigned_test(struct kunit *test)
249 const struct policy_case *p = test->param_value;
250 struct ipe_policy *pol;
252 pol = ipe_new_policy(p->policy, strlen(p->policy), NULL, 0);
255 KUNIT_EXPECT_EQ(test, PTR_ERR(pol), p->errno);
259 KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
260 KUNIT_EXPECT_NOT_ERR_OR_NULL(test, pol->parsed);
261 KUNIT_EXPECT_STREQ(test, pol->text, p->policy);
262 KUNIT_EXPECT_PTR_EQ(test, NULL, pol->pkcs7);
263 KUNIT_EXPECT_EQ(test, 0, pol->pkcs7len);
265 ipe_free_policy(pol);
269 * ipe_parser_widestring_test - Ensure parser fail on a wide string policy.
270 * @test: Supplies a pointer to a kunit structure.
272 * This is called by the kunit harness.
274 static void ipe_parser_widestring_test(struct kunit *test)
276 const unsigned short policy[] = L"policy_name=Test policy_version=0.0.0\n"
277 L"DEFAULT action=ALLOW";
278 struct ipe_policy *pol = NULL;
280 pol = ipe_new_policy((const char *)policy, (ARRAY_SIZE(policy) - 1) * 2, NULL, 0);
281 KUNIT_EXPECT_TRUE(test, IS_ERR_OR_NULL(pol));
283 ipe_free_policy(pol);
286 static struct kunit_case ipe_parser_test_cases[] = {
287 KUNIT_CASE_PARAM(ipe_parser_unsigned_test, ipe_policies_gen_params),
288 KUNIT_CASE(ipe_parser_widestring_test),
292 static struct kunit_suite ipe_parser_test_suite = {
293 .name = "ipe-parser",
294 .test_cases = ipe_parser_test_cases,
297 kunit_test_suite(ipe_parser_test_suite);
projects / linux.git / blob