policy_unpack_test.c source code [linux/security/apparmor/policy_unpack_test.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/*
3	* KUnit tests for AppArmor's policy unpack.
4	*/
5
6	#include <kunit/test.h>
7	#include <kunit/visibility.h>
8
9	#include "include/policy.h"
10	#include "include/policy_unpack.h"
11
12	#define TEST_STRING_NAME "TEST_STRING"
13	#define TEST_STRING_DATA "testing"
14	#define TEST_STRING_BUF_OFFSET \
15	(3 + strlen(TEST_STRING_NAME) + 1)
16
17	#define TEST_U32_NAME "U32_TEST"
18	#define TEST_U32_DATA ((u32)0x01020304)
19	#define TEST_NAMED_U32_BUF_OFFSET \
20	(TEST_STRING_BUF_OFFSET + 3 + strlen(TEST_STRING_DATA) + 1)
21	#define TEST_U32_BUF_OFFSET \
22	(TEST_NAMED_U32_BUF_OFFSET + 3 + strlen(TEST_U32_NAME) + 1)
23
24	#define TEST_U16_OFFSET (TEST_U32_BUF_OFFSET + 3)
25	#define TEST_U16_DATA ((u16)(TEST_U32_DATA >> 16))
26
27	#define TEST_U64_NAME "U64_TEST"
28	#define TEST_U64_DATA ((u64)0x0102030405060708)
29	#define TEST_NAMED_U64_BUF_OFFSET (TEST_U32_BUF_OFFSET + sizeof(u32) + 1)
30	#define TEST_U64_BUF_OFFSET \
31	(TEST_NAMED_U64_BUF_OFFSET + 3 + strlen(TEST_U64_NAME) + 1)
32
33	#define TEST_BLOB_NAME "BLOB_TEST"
34	#define TEST_BLOB_DATA "\xde\xad\x00\xbe\xef"
35	#define TEST_BLOB_DATA_SIZE (ARRAY_SIZE(TEST_BLOB_DATA))
36	#define TEST_NAMED_BLOB_BUF_OFFSET (TEST_U64_BUF_OFFSET + sizeof(u64) + 1)
37	#define TEST_BLOB_BUF_OFFSET \
38	(TEST_NAMED_BLOB_BUF_OFFSET + 3 + strlen(TEST_BLOB_NAME) + 1)
39
40	#define TEST_ARRAY_NAME "ARRAY_TEST"
41	#define TEST_ARRAY_SIZE 16
42	#define TEST_NAMED_ARRAY_BUF_OFFSET \
43	(TEST_BLOB_BUF_OFFSET + 5 + TEST_BLOB_DATA_SIZE)
44	#define TEST_ARRAY_BUF_OFFSET \
45	(TEST_NAMED_ARRAY_BUF_OFFSET + 3 + strlen(TEST_ARRAY_NAME) + 1)
46
47	MODULE_IMPORT_NS(EXPORTED_FOR_KUNIT_TESTING);
48
49	struct policy_unpack_fixture {
50	struct aa_ext *e;
51	size_t e_size;
52	};
53
54	static struct aa_ext build_aa_ext_struct(struct* policy_unpack_fixture *puf,
55	struct kunit *test, size_t buf_size)
56	{
57	char *buf;
58	struct aa_ext *e;
59
60	buf = kunit_kzalloc(test, size: buf_size, GFP_USER);
61	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, buf);
62
63	e = kunit_kmalloc(test, size: sizeof(*e), GFP_USER);
64	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, e);
65
66	e->start = buf;
67	e->end = e->start + buf_size;
68	e->pos = e->start;
69
70	*buf = AA_NAME;
71	*(buf + `1`) = strlen(TEST_STRING_NAME) + `1`;
72	strscpy(buf + `3`, TEST_STRING_NAME, e->end - (void *)(buf + `3`));
73
74	buf = e->start + TEST_STRING_BUF_OFFSET;
75	*buf = AA_STRING;
76	*(buf + `1`) = strlen(TEST_STRING_DATA) + `1`;
77	strscpy(buf + `3`, TEST_STRING_DATA, e->end - (void *)(buf + `3`));
78	buf = e->start + TEST_NAMED_U32_BUF_OFFSET;
79	*buf = AA_NAME;
80	*(buf + `1`) = strlen(TEST_U32_NAME) + `1`;
81	strscpy(buf + `3`, TEST_U32_NAME, e->end - (void *)(buf + `3`));
82	*(buf + `3` + strlen(TEST_U32_NAME) + `1`) = AA_U32;
83	((u32 )(buf + `3` + strlen(TEST_U32_NAME) + `2`)) = TEST_U32_DATA;
84
85	buf = e->start + TEST_NAMED_U64_BUF_OFFSET;
86	*buf = AA_NAME;
87	*(buf + `1`) = strlen(TEST_U64_NAME) + `1`;
88	strscpy(buf + `3`, TEST_U64_NAME, e->end - (void *)(buf + `3`));
89	*(buf + `3` + strlen(TEST_U64_NAME) + `1`) = AA_U64;
90	((u64 )(buf + `3` + strlen(TEST_U64_NAME) + `2`)) = TEST_U64_DATA;
91
92	buf = e->start + TEST_NAMED_BLOB_BUF_OFFSET;
93	*buf = AA_NAME;
94	*(buf + `1`) = strlen(TEST_BLOB_NAME) + `1`;
95	strscpy(buf + `3`, TEST_BLOB_NAME, e->end - (void *)(buf + `3`));
96	*(buf + `3` + strlen(TEST_BLOB_NAME) + `1`) = AA_BLOB;
97	*(buf + `3` + strlen(TEST_BLOB_NAME) + `2`) = TEST_BLOB_DATA_SIZE;
98	memcpy(buf + `3` + strlen(TEST_BLOB_NAME) + `6`,
99	TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE);
100
101	buf = e->start + TEST_NAMED_ARRAY_BUF_OFFSET;
102	*buf = AA_NAME;
103	*(buf + `1`) = strlen(TEST_ARRAY_NAME) + `1`;
104	strscpy(buf + `3`, TEST_ARRAY_NAME, e->end - (void *)(buf + `3`));
105	*(buf + `3` + strlen(TEST_ARRAY_NAME) + `1`) = AA_ARRAY;
106	((u16 )(buf + `3` + strlen(TEST_ARRAY_NAME) + `2`)) = TEST_ARRAY_SIZE;
107
108	return e;
109	}
110
111	static int policy_unpack_test_init(struct kunit *test)
112	{
113	size_t e_size = TEST_ARRAY_BUF_OFFSET + sizeof(u16) + `1`;
114	struct policy_unpack_fixture *puf;
115
116	puf = kunit_kmalloc(test, size: sizeof(*puf), GFP_USER);
117	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, puf);
118
119	puf->e_size = e_size;
120	puf->e = build_aa_ext_struct(puf, test, buf_size: e_size);
121
122	test->priv = puf;
123	return `0`;
124	}
125
126	static void policy_unpack_test_inbounds_when_inbounds(struct kunit *test)
127	{
128	struct policy_unpack_fixture *puf = test->priv;
129
130	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, `0`));
131	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size / `2`));
132	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size));
133	}
134
135	static void policy_unpack_test_inbounds_when_out_of_bounds(struct kunit *test)
136	{
137	struct policy_unpack_fixture *puf = test->priv;
138
139	KUNIT_EXPECT_FALSE(test, aa_inbounds(puf->e, puf->e_size + `1`));
140	}
141
142	static void policy_unpack_test_unpack_array_with_null_name(struct kunit *test)
143	{
144	struct policy_unpack_fixture *puf = test->priv;
145	u16 array_size = `0`;
146
147	puf->e->pos += TEST_ARRAY_BUF_OFFSET;
148
149	KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, NULL, &array_size));
150	KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);
151	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
152	puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + `1`);
153	}
154
155	static void policy_unpack_test_unpack_array_with_name(struct kunit *test)
156	{
157	struct policy_unpack_fixture *puf = test->priv;
158	const char name[] = TEST_ARRAY_NAME;
159	u16 array_size = `0`;
160
161	puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;
162
163	KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, name, &array_size));
164	KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);
165	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
166	puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + `1`);
167	}
168
169	static void policy_unpack_test_unpack_array_out_of_bounds(struct kunit *test)
170	{
171	struct policy_unpack_fixture *puf = test->priv;
172	const char name[] = TEST_ARRAY_NAME;
173	u16 array_size;
174
175	puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;
176	puf->e->end = puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16);
177
178	KUNIT_EXPECT_FALSE(test, aa_unpack_array(puf->e, name, &array_size));
179	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
180	puf->e->start + TEST_NAMED_ARRAY_BUF_OFFSET);
181	}
182
183	static void policy_unpack_test_unpack_blob_with_null_name(struct kunit *test)
184	{
185	struct policy_unpack_fixture *puf = test->priv;
186	char *blob = NULL;
187	size_t size;
188
189	puf->e->pos += TEST_BLOB_BUF_OFFSET;
190	size = aa_unpack_blob(e: puf->e, blob: &blob, NULL);
191
192	KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);
193	KUNIT_EXPECT_TRUE(test,
194	memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == `0`);
195	}
196
197	static void policy_unpack_test_unpack_blob_with_name(struct kunit *test)
198	{
199	struct policy_unpack_fixture *puf = test->priv;
200	char *blob = NULL;
201	size_t size;
202
203	puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;
204	size = aa_unpack_blob(e: puf->e, blob: &blob, TEST_BLOB_NAME);
205
206	KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);
207	KUNIT_EXPECT_TRUE(test,
208	memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == `0`);
209	}
210
211	static void policy_unpack_test_unpack_blob_out_of_bounds(struct kunit *test)
212	{
213	struct policy_unpack_fixture *puf = test->priv;
214	char *blob = NULL;
215	void *start;
216	int size;
217
218	puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;
219	start = puf->e->pos;
220	puf->e->end = puf->e->start + TEST_BLOB_BUF_OFFSET
221	+ TEST_BLOB_DATA_SIZE - `1`;
222
223	size = aa_unpack_blob(e: puf->e, blob: &blob, TEST_BLOB_NAME);
224
225	KUNIT_EXPECT_EQ(test, size, `0`);
226	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
227	}
228
229	static void policy_unpack_test_unpack_str_with_null_name(struct kunit *test)
230	{
231	struct policy_unpack_fixture *puf = test->priv;
232	const char *string = NULL;
233	size_t size;
234
235	puf->e->pos += TEST_STRING_BUF_OFFSET;
236	size = aa_unpack_str(e: puf->e, string: &string, NULL);
237
238	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + `1`);
239	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
240	}
241
242	static void policy_unpack_test_unpack_str_with_name(struct kunit *test)
243	{
244	struct policy_unpack_fixture *puf = test->priv;
245	const char *string = NULL;
246	size_t size;
247
248	size = aa_unpack_str(e: puf->e, string: &string, TEST_STRING_NAME);
249
250	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + `1`);
251	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
252	}
253
254	static void policy_unpack_test_unpack_str_out_of_bounds(struct kunit *test)
255	{
256	struct policy_unpack_fixture *puf = test->priv;
257	const char *string = NULL;
258	void *start = puf->e->pos;
259	int size;
260
261	puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET
262	+ strlen(TEST_STRING_DATA) - `1`;
263
264	size = aa_unpack_str(e: puf->e, string: &string, TEST_STRING_NAME);
265
266	KUNIT_EXPECT_EQ(test, size, `0`);
267	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
268	}
269
270	static void policy_unpack_test_unpack_strdup_with_null_name(struct kunit *test)
271	{
272	struct policy_unpack_fixture *puf = test->priv;
273	char *string = NULL;
274	size_t size;
275
276	puf->e->pos += TEST_STRING_BUF_OFFSET;
277	size = aa_unpack_strdup(e: puf->e, string: &string, NULL);
278
279	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + `1`);
280	KUNIT_EXPECT_FALSE(test,
281	((uintptr_t)puf->e->start <= (uintptr_t)string)
282	&& ((uintptr_t)string <= (uintptr_t)puf->e->end));
283	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
284	}
285
286	static void policy_unpack_test_unpack_strdup_with_name(struct kunit *test)
287	{
288	struct policy_unpack_fixture *puf = test->priv;
289	char *string = NULL;
290	size_t size;
291
292	size = aa_unpack_strdup(e: puf->e, string: &string, TEST_STRING_NAME);
293
294	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + `1`);
295	KUNIT_EXPECT_FALSE(test,
296	((uintptr_t)puf->e->start <= (uintptr_t)string)
297	&& ((uintptr_t)string <= (uintptr_t)puf->e->end));
298	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);
299	}
300
301	static void policy_unpack_test_unpack_strdup_out_of_bounds(struct kunit *test)
302	{
303	struct policy_unpack_fixture *puf = test->priv;
304	void *start = puf->e->pos;
305	char *string = NULL;
306	int size;
307
308	puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET
309	+ strlen(TEST_STRING_DATA) - `1`;
310
311	size = aa_unpack_strdup(e: puf->e, string: &string, TEST_STRING_NAME);
312
313	KUNIT_EXPECT_EQ(test, size, `0`);
314	KUNIT_EXPECT_NULL(test, string);
315	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);
316	}
317
318	static void policy_unpack_test_unpack_nameX_with_null_name(struct kunit *test)
319	{
320	struct policy_unpack_fixture *puf = test->priv;
321	bool success;
322
323	puf->e->pos += TEST_U32_BUF_OFFSET;
324
325	success = aa_unpack_nameX(e: puf->e, code: AA_U32, NULL);
326
327	KUNIT_EXPECT_TRUE(test, success);
328	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
329	puf->e->start + TEST_U32_BUF_OFFSET + `1`);
330	}
331
332	static void policy_unpack_test_unpack_nameX_with_wrong_code(struct kunit *test)
333	{
334	struct policy_unpack_fixture *puf = test->priv;
335	bool success;
336
337	puf->e->pos += TEST_U32_BUF_OFFSET;
338
339	success = aa_unpack_nameX(e: puf->e, code: AA_BLOB, NULL);
340
341	KUNIT_EXPECT_FALSE(test, success);
342	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
343	puf->e->start + TEST_U32_BUF_OFFSET);
344	}
345
346	static void policy_unpack_test_unpack_nameX_with_name(struct kunit *test)
347	{
348	struct policy_unpack_fixture *puf = test->priv;
349	const char name[] = TEST_U32_NAME;
350	bool success;
351
352	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
353
354	success = aa_unpack_nameX(e: puf->e, code: AA_U32, name);
355
356	KUNIT_EXPECT_TRUE(test, success);
357	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
358	puf->e->start + TEST_U32_BUF_OFFSET + `1`);
359	}
360
361	static void policy_unpack_test_unpack_nameX_with_wrong_name(struct kunit *test)
362	{
363	struct policy_unpack_fixture *puf = test->priv;
364	static const char name[] = "12345678";
365	bool success;
366
367	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
368
369	success = aa_unpack_nameX(e: puf->e, code: AA_U32, name);
370
371	KUNIT_EXPECT_FALSE(test, success);
372	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
373	puf->e->start + TEST_NAMED_U32_BUF_OFFSET);
374	}
375
376	static void policy_unpack_test_unpack_u16_chunk_basic(struct kunit *test)
377	{
378	struct policy_unpack_fixture *puf = test->priv;
379	char *chunk = NULL;
380	size_t size;
381
382	puf->e->pos += TEST_U16_OFFSET;
383	/*
384	* WARNING: For unit testing purposes, we're pushing puf->e->end past
385	* the end of the allocated memory. Doing anything other than comparing
386	* memory addresses is dangerous.
387	*/
388	puf->e->end += TEST_U16_DATA;
389
390	size = aa_unpack_u16_chunk(e: puf->e, chunk: &chunk);
391
392	KUNIT_EXPECT_PTR_EQ(test, chunk,
393	puf->e->start + TEST_U16_OFFSET + `2`);
394	KUNIT_EXPECT_EQ(test, size, TEST_U16_DATA);
395	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, (chunk + TEST_U16_DATA));
396	}
397
398	static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_1(
399	struct kunit *test)
400	{
401	struct policy_unpack_fixture *puf = test->priv;
402	char *chunk = NULL;
403	size_t size;
404
405	puf->e->pos = puf->e->end - `1`;
406
407	size = aa_unpack_u16_chunk(e: puf->e, chunk: &chunk);
408
409	KUNIT_EXPECT_EQ(test, size, `0`);
410	KUNIT_EXPECT_NULL(test, chunk);
411	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->end - `1`);
412	}
413
414	static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_2(
415	struct kunit *test)
416	{
417	struct policy_unpack_fixture *puf = test->priv;
418	char *chunk = NULL;
419	size_t size;
420
421	puf->e->pos += TEST_U16_OFFSET;
422	/*
423	* WARNING: For unit testing purposes, we're pushing puf->e->end past
424	* the end of the allocated memory. Doing anything other than comparing
425	* memory addresses is dangerous.
426	*/
427	puf->e->end = puf->e->pos + TEST_U16_DATA - `1`;
428
429	size = aa_unpack_u16_chunk(e: puf->e, chunk: &chunk);
430
431	KUNIT_EXPECT_EQ(test, size, `0`);
432	KUNIT_EXPECT_NULL(test, chunk);
433	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->start + TEST_U16_OFFSET);
434	}
435
436	static void policy_unpack_test_unpack_u32_with_null_name(struct kunit *test)
437	{
438	struct policy_unpack_fixture *puf = test->priv;
439	bool success;
440	u32 data = `0`;
441
442	puf->e->pos += TEST_U32_BUF_OFFSET;
443
444	success = aa_unpack_u32(e: puf->e, data: &data, NULL);
445
446	KUNIT_EXPECT_TRUE(test, success);
447	KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);
448	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
449	puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + `1`);
450	}
451
452	static void policy_unpack_test_unpack_u32_with_name(struct kunit *test)
453	{
454	struct policy_unpack_fixture *puf = test->priv;
455	const char name[] = TEST_U32_NAME;
456	bool success;
457	u32 data = `0`;
458
459	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
460
461	success = aa_unpack_u32(e: puf->e, data: &data, name);
462
463	KUNIT_EXPECT_TRUE(test, success);
464	KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);
465	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
466	puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + `1`);
467	}
468
469	static void policy_unpack_test_unpack_u32_out_of_bounds(struct kunit *test)
470	{
471	struct policy_unpack_fixture *puf = test->priv;
472	const char name[] = TEST_U32_NAME;
473	bool success;
474	u32 data = `0`;
475
476	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;
477	puf->e->end = puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32);
478
479	success = aa_unpack_u32(e: puf->e, data: &data, name);
480
481	KUNIT_EXPECT_FALSE(test, success);
482	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
483	puf->e->start + TEST_NAMED_U32_BUF_OFFSET);
484	}
485
486	static void policy_unpack_test_unpack_u64_with_null_name(struct kunit *test)
487	{
488	struct policy_unpack_fixture *puf = test->priv;
489	bool success;
490	u64 data = `0`;
491
492	puf->e->pos += TEST_U64_BUF_OFFSET;
493
494	success = aa_unpack_u64(e: puf->e, data: &data, NULL);
495
496	KUNIT_EXPECT_TRUE(test, success);
497	KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);
498	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
499	puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + `1`);
500	}
501
502	static void policy_unpack_test_unpack_u64_with_name(struct kunit *test)
503	{
504	struct policy_unpack_fixture *puf = test->priv;
505	const char name[] = TEST_U64_NAME;
506	bool success;
507	u64 data = `0`;
508
509	puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;
510
511	success = aa_unpack_u64(e: puf->e, data: &data, name);
512
513	KUNIT_EXPECT_TRUE(test, success);
514	KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);
515	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
516	puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + `1`);
517	}
518
519	static void policy_unpack_test_unpack_u64_out_of_bounds(struct kunit *test)
520	{
521	struct policy_unpack_fixture *puf = test->priv;
522	const char name[] = TEST_U64_NAME;
523	bool success;
524	u64 data = `0`;
525
526	puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;
527	puf->e->end = puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64);
528
529	success = aa_unpack_u64(e: puf->e, data: &data, name);
530
531	KUNIT_EXPECT_FALSE(test, success);
532	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,
533	puf->e->start + TEST_NAMED_U64_BUF_OFFSET);
534	}
535
536	static void policy_unpack_test_unpack_X_code_match(struct kunit *test)
537	{
538	struct policy_unpack_fixture *puf = test->priv;
539	bool success = aa_unpack_X(e: puf->e, code: AA_NAME);
540
541	KUNIT_EXPECT_TRUE(test, success);
542	KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start + `1`);
543	}
544
545	static void policy_unpack_test_unpack_X_code_mismatch(struct kunit *test)
546	{
547	struct policy_unpack_fixture *puf = test->priv;
548	bool success = aa_unpack_X(e: puf->e, code: AA_STRING);
549
550	KUNIT_EXPECT_FALSE(test, success);
551	KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start);
552	}
553
554	static void policy_unpack_test_unpack_X_out_of_bounds(struct kunit *test)
555	{
556	struct policy_unpack_fixture *puf = test->priv;
557	bool success;
558
559	puf->e->pos = puf->e->end;
560	success = aa_unpack_X(e: puf->e, code: AA_NAME);
561
562	KUNIT_EXPECT_FALSE(test, success);
563	}
564
565	static struct kunit_case apparmor_policy_unpack_test_cases[] = {
566	KUNIT_CASE(policy_unpack_test_inbounds_when_inbounds),
567	KUNIT_CASE(policy_unpack_test_inbounds_when_out_of_bounds),
568	KUNIT_CASE(policy_unpack_test_unpack_array_with_null_name),
569	KUNIT_CASE(policy_unpack_test_unpack_array_with_name),
570	KUNIT_CASE(policy_unpack_test_unpack_array_out_of_bounds),
571	KUNIT_CASE(policy_unpack_test_unpack_blob_with_null_name),
572	KUNIT_CASE(policy_unpack_test_unpack_blob_with_name),
573	KUNIT_CASE(policy_unpack_test_unpack_blob_out_of_bounds),
574	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_null_name),
575	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_code),
576	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_name),
577	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_name),
578	KUNIT_CASE(policy_unpack_test_unpack_str_with_null_name),
579	KUNIT_CASE(policy_unpack_test_unpack_str_with_name),
580	KUNIT_CASE(policy_unpack_test_unpack_str_out_of_bounds),
581	KUNIT_CASE(policy_unpack_test_unpack_strdup_with_null_name),
582	KUNIT_CASE(policy_unpack_test_unpack_strdup_with_name),
583	KUNIT_CASE(policy_unpack_test_unpack_strdup_out_of_bounds),
584	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_basic),
585	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_1),
586	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_2),
587	KUNIT_CASE(policy_unpack_test_unpack_u32_with_null_name),
588	KUNIT_CASE(policy_unpack_test_unpack_u32_with_name),
589	KUNIT_CASE(policy_unpack_test_unpack_u32_out_of_bounds),
590	KUNIT_CASE(policy_unpack_test_unpack_u64_with_null_name),
591	KUNIT_CASE(policy_unpack_test_unpack_u64_with_name),
592	KUNIT_CASE(policy_unpack_test_unpack_u64_out_of_bounds),
593	KUNIT_CASE(policy_unpack_test_unpack_X_code_match),
594	KUNIT_CASE(policy_unpack_test_unpack_X_code_mismatch),
595	KUNIT_CASE(policy_unpack_test_unpack_X_out_of_bounds),
596	{},
597	};
598
599	static struct kunit_suite apparmor_policy_unpack_test_module = {
600	.name = "apparmor_policy_unpack",
601	.init = policy_unpack_test_init,
602	.test_cases = apparmor_policy_unpack_test_cases,
603	};
604
605	kunit_test_suite(apparmor_policy_unpack_test_module);
606
607	MODULE_LICENSE("GPL");
608

source code of linux/security/apparmor/policy_unpack_test.c