| # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| __author__ = '[email protected] (Stephan Uphoff)' |
| |
| import logging |
| import os |
| import utils |
| |
| from autotest_lib.client.bin import utils, test |
| from autotest_lib.client.common_lib import error |
| |
| |
| class security_ChromiumOSLSM(test.test): |
| """ |
| Verify Chromium OS Security Module behaves as expected. |
| """ |
| version = 1 |
| |
| def _mount(self, target): |
| cmd = "mount -c -n -t tmpfs -o nodev,noexec,nosuid test %s" % (target) |
| return utils.system(cmd, ignore_status=True) |
| |
| def _umount(self, target): |
| utils.system('umount -n %s' % (target)) |
| |
| def _check_mount(self, target, expected, msg): |
| succeeded = (self._mount(target) == 0) |
| if succeeded: |
| self._umount(target) |
| if succeeded != expected: |
| logging.error(msg) |
| return 1 |
| return 0 |
| |
| def run_once(self): |
| errors = 0 |
| test_dir = '/tmp/chromium_lsm_test_dir' |
| os.mkdir(test_dir, 0700) |
| |
| mnt_target = '%s/mount_point' % (test_dir) |
| os.mkdir(mnt_target, 0700) |
| |
| sym_target = '%s/symlink' % (test_dir) |
| os.symlink('mount_point', sym_target) |
| |
| # Mounting should succeed (no symbolic link in mount path). |
| errors += self._check_mount(mnt_target, True, |
| 'Unable to mount on a directory') |
| |
| # Mounting should fail as we used a mount path with a symbolic link. |
| errors += self._check_mount(sym_target, False, |
| 'Unexpectedly mounted on a symlink') |
| |
| utils.system('rm -rf ' + test_dir) |
| # If self.error is not zero, there were errors. |
| if errors > 0: |
| raise error.TestFail('Failed %d tests' % errors) |
